The aim of this file is to keep a mapping of CVE name to the date that the issue was first known to the public - this helps us generate statistics based on days of risk. We also now use this to track the severity of issues (although this severity is specific to Red Hat and may vary for other distributions). Dates from Steven Christey, Jul 2002: CVE-1999-0719 public=19990723 CVE-1999-0804 public=19990603 CVE-1999-0831 public=19991118 CVE-1999-0832 public=19991130 CVE-1999-0894 public=19991020 CVE-2000-0031 public=19991108 CVE-2000-0052 public=20000104 CVE-2000-0229 public=20000322 CVE-2000-0230 public=20000313 CVE-2000-0248 public=20000424 CVE-2000-0322 public=20000424 CVE-2000-0336 public=20000413 CVE-2000-0356 public=19991013 CVE-2000-0357 public=19991212 CVE-2000-0358 public=19991212 CVE-2000-0364 public=19990606 CVE-2000-0365 public=19990606 CVE-2000-0373 public=19990608 CVE-2000-0389 public=20000516 CVE-2000-0390 public=20000516 CVE-2000-0391 public=20000516 CVE-2000-0392 public=20000516 CVE-2000-0406 public=20000512 CVE-2000-0483 public=20000615 CVE-2000-0506 public=20000609 CVE-2000-0531 public=20000620 CVE-2000-0566 public=20000703 CVE-2000-0573 public=20000623 CVE-2000-0594 public=20000705 CVE-2000-0633 public=20000718 CVE-2000-0655 public=20000724 CVE-2000-0666 public=20000716 CVE-2000-0668 public=20000721 CVE-2000-0676 public=20000803 CVE-2000-0701 public=20000801 CVE-2000-0703 public=20000807 CVE-2000-0705 public=20000807 CVE-2000-0714 public=20000808 CVE-2000-0725 public=20000810 CVE-2000-0727 public=20000829 CVE-2000-0728 public=20000829 CVE-2000-0750 public=20000808 CVE-2000-0751 public=20000808 CVE-2000-0787 public=20000817 CVE-2000-0816 public=20001006 CVE-2000-0824 public=19990917 CVE-2000-0844 public=20000904 CVE-2000-0864 public=20000831 CVE-2000-0867 public=20000917 CVE-2000-0887 public=20001107 CVE-2000-0888 public=20001113 CVE-2000-0901 public=20000905 CVE-2000-0909 public=20000922 CVE-2000-0913 public=20000929,impact=important CVE-2000-0917 public=20000925 CVE-2000-0934 public=20000920 CVE-2000-0948 public=20001002 CVE-2000-0949 public=20000928 CVE-2000-0956 public=20001026 CVE-2000-0973 public=20001013 CVE-2000-0974 public=20001011 CVE-2000-1040 public=20001018 CVE-2000-1045 public=20001027 CVE-2000-1095 public=20001112 CVE-2000-1134 public=20001028 CVE-2000-1137 public=20001129 CVE-2000-1162 public=20001122 CVE-2000-1169 public=20001113 CVE-2000-1174 public=20001118 CVE-2000-1178 public=20001116 CVE-2000-1187 public=20001127 CVE-2000-1189 public=20001201 CVE-2000-1190 public=20000531 CVE-2001-0010 public=20010129 CVE-2001-0011 public=20010129 CVE-2001-0012 public=20010129 CVE-2001-0013 public=20010129 CVE-2001-0026 public=20001211 CVE-2001-0050 public=20001207 CVE-2001-0060 public=20001218 CVE-2001-0066 public=20001126 CVE-2001-0071 public=20001219 CVE-2001-0072 public=20001219 CVE-2001-0101 public=20001227 CVE-2001-0128 public=20001216 CVE-2001-0169 public=20010116 CVE-2001-0170 public=20010110 CVE-2001-0191 public=20010202 CVE-2001-0197 public=20010121 CVE-2001-0233 public=20010118 CVE-2001-0289 public=20010228 CVE-2001-0301 public=20010213 CVE-2001-0309 public=20010130 CVE-2001-0316 public=20010208 CVE-2001-0317 public=20010208 CVE-2001-0405 public=20010416,impact=important CVE-2001-0408 public=20010326 CVE-2001-0414 public=20010404 CVE-2001-0416 public=20010308 CVE-2001-0417 public=20010307 CVE-2001-0440 public=20010420 CVE-2001-0441 public=20010309 CVE-2001-0473 public=20010309 CVE-2001-0489 public=20010417 CVE-2001-0496 public=20010430 CVE-2001-0522 public=20010529 CVE-2001-0550 public=20010430,impact=critical CVE-2001-0554 public=20010718,impact=critical CVE-2001-0556 public=20010301 CVE-2001-0560 public=20010210 CVE-2001-0567 public=20010502 CVE-2001-0568 public=20010223 CVE-2001-0569 public=20010223 CVE-2001-0570 public=20010503 CVE-2001-0572 public=20010318 CVE-2001-0596 public=20010409 CVE-2001-0635 public=20010502,impact=important CVE-2001-0641 public=20010513 CVE-2001-0653 public=20010821 CVE-2001-0690 public=20010606 CVE-2001-0736 public=20010331 CVE-2001-0763 public=20010608 CVE-2001-0787 public=20010612,impact=important CVE-2001-0816 public=20010918 CVE-2001-0825 public=20010702 CVE-2001-0834 public=20011007 CVE-2001-0835 public=20011024 CVE-2001-0843 public=20010921 CVE-2001-0851 public=20011102,impact=important CVE-2001-0852 public=20011105,impact=important CVE-2001-0859 public=20011113 CVE-2001-0869 public=20011102 CVE-2001-0872 public=20011204 CVE-2001-0884 public=20011128 CVE-2001-0886 public=20011214 CVE-2001-0889 public=20020108 CVE-2001-0894 public=20011115 CVE-2001-0905 public=20010703 CVE-2001-0906 public=20010622 CVE-2001-0977 public=20010716 CVE-2001-1002 public=20010827 CVE-2001-1009 public=20010809 CVE-2001-1028 public=20010921,impact=important CVE-2001-1030 public=20010718 CVE-2001-1141 public=20010710 CVE-2001-1147 public=20011008,impact=important CVE-2001-1162 public=20010623 CVE-2001-1174 public=20010703 CVE-2001-1175 public=20010712,impact=moderate CVE-2001-1227 public=20011010,impact=moderate CVE-2001-1229 public=20010313 CVE-2001-1230 public=20010313 CVE-2001-1247 public=20010630 CVE-2001-1273 public=20010208 CVE-2001-1274 public=20010119 CVE-2001-1275 public=20010123 CVE-2001-1276 public=20010604 CVE-2001-1277 public=20010611 CVE-2001-1278 public=20011010 CVE-2001-1279 public=20010709 CVE-2001-1322 public=20010611 CVE-2001-1323 public=20010425,impact=critical CVE-2001-1350 public=20011225 CVE-2001-1351 public=20011225 CVE-2001-1352 public=20011227 CVE-2001-1353 public=20010918 CVE-2001-1376 public=20011113 CVE-2001-1377 public=20011113 CVE-2001-1378 public=20010312 CVE-2002-0001 public=20020101 CVE-2002-0002 public=20011218 CVE-2002-0003 public=20020114,impact=important CVE-2002-0004 public=20020117 CVE-2002-0006 public=20020109 CVE-2002-0012 public=20020212 CVE-2002-0013 public=20020212 CVE-2002-0043 public=20020114 CVE-2002-0044 public=20020114 CVE-2002-0045 public=20020114 CVE-2002-0046 public=20020120,impact=important CVE-2002-0047 public=20020114,impact=important CVE-2002-0048 public=20020125 CVE-2002-0059 public=20020309 CVE-2002-0060 public=20020227,impact=important CVE-2002-0062 public=20020218 CVE-2002-0063 public=20020213 CVE-2002-0067 public=20020221 CVE-2002-0068 public=20020221 CVE-2002-0069 public=20020221 CVE-2002-0080 public=20020311 CVE-2002-0081 public=20020227,impact=critical CVE-2002-0082 public=20020227,impact=important CVE-2002-0083 public=20020307 CVE-2002-0092 public=20020220 CVE-2002-0146 public=20020520 CVE-2002-0157 public=20020502 CVE-2002-0162 public=20020327 CVE-2002-0165 public=20020403 CVE-2002-0167 public=20020320,impact=important CVE-2002-0168 public=20020320,impact=important CVE-2002-0169 public=20020501 CVE-2002-0178 public=20020314,impact=low CVE-2002-0184 public=20020425 CVE-2002-0363 public=20020131,impact=important CVE-2002-0374 public=20020506,impact=important CVE-2002-0378 public=20020610,impact=important CVE-2002-0379 public=20020510 CVE-2002-0380 public=20020531,impact=moderate CVE-2002-0382 public=20020327,impact=important CVE-2002-0392 public=20020617,impact=moderate CVE-2002-0400 public=20020604,impact=important CVE-2002-0653 public=20020624,impact=moderate CVE-2002-0703 public=20020510 CVE-2002-0704 public=20020509 Dates from Steven Christey: CVE-2000-0035 public=19991228 CVE-2000-0037 public=19991228 CVE-2000-0183 public=20000310 CVE-2000-0196 public=20000228 CVE-2000-0269 public=20000418 CVE-2000-0491 public=20000521 CVE-2000-0546 public=20000609 CVE-2000-0547 public=20000609 CVE-2000-0548 public=20000609 CVE-2000-0549 public=20000609 CVE-2000-0550 public=20000609 CVE-2000-0691 public=20000825 CVE-2000-0715 public=20000805 CVE-2000-0829 public=20000909 CVE-2000-0967 public=20001012 CVE-2000-1189 public=20001201 CVE-2000-1190 public=20000531 CVE-2001-0036 public=20001208 CVE-2001-0117 public=20010110,impact=low CVE-2001-0141 public=20010110 CVE-2001-0279 public=20010222 CVE-2001-0381 public=20010319 CVE-2001-0406 public=20010417 CVE-2001-0439 public=20010420 CVE-2001-0670 public=20010829 CVE-2001-0691 public=20010611 CVE-2001-0730 public=20010928,impact=moderate CVE-2001-0731 public=20010709,impact=important CVE-2001-0775 public=20010710,impact=important CVE-2001-0784 public=20010626 CVE-2001-0819 public=20010610 CVE-2001-0873 public=20010908 CVE-2001-0887 public=20011217 CVE-2001-1083 public=20010626 CVE-2001-1332 public=20010305 CVE-2001-1333 public=20010305 CVE-2001-1349 public=20010528 CVE-2002-0007 public=20020105 CVE-2002-0008 public=20020105 CVE-2002-0009 public=20020105 CVE-2002-0010 public=20020105 CVE-2002-0011 public=20020105 CVE-2002-0163 public=20020326 CVE-2002-0177 public=20020402 CVE-2002-0180 public=20020415,impact=moderate CVE-2002-0185 public=20020405 CVE-2002-0272 public=20020212 CVE-2002-0353 public=20020323 CVE-2002-0354 public=20020425 CVE-2002-0388 public=20020520,impact=important CVE-2002-0401 public=20020519 CVE-2002-0402 public=20020519,impact=moderate CVE-2002-0403 public=20020519,impact=moderate CVE-2002-0404 public=20020519,impact=moderate CVE-2002-0640 public=20020626,impact=moderate CVE-2002-0014 public=20020105 CVE-2001-0890 public=20011217 From http://www.squid-cache.org/Advisories/SQUID-2002_3.txt CVE-2002-0715 public=20020703,impact=important CVE-2002-0714 public=20020703,impact=moderate CVE-2002-0713 public=20020703,impact=important Dates from Steven Christey Jul 2002: CVE-2002-0651 public=20020626,impact=important CVE-2001-1383 public=20010919 CVE-2001-1380 public=20010926 CVE-2001-1379 public=20010829 From Mark Cox, OpenSSL issues: CVE-2002-0659 public=20020730,impact=important CVE-2002-0657 public=20020730 CVE-2002-0656 public=20020730,impact=critical CVE-2002-0655 public=20020730,impact=critical Dates from Steven Christey Aug 2002: CVE-2000-0186 public=20000228 CVE-2000-0520 public=20000607 CVE-2000-0530 public=20000531 CVE-2000-0963 public=20001009 CVE-2000-1207 public=20000930 CVE-2000-1208 public=20000531 CVE-2001-0108 public=20010112 CVE-2001-1384 public=20011018,impact=important CVE-2001-1385 public=20010112 CVE-2002-0638 public=20020729,impact=moderate CVE-2002-0658 public=20020729,impact=moderate CVE-2002-0684 public=20020626,impact=moderate Dates from Steven Christey Oct 2002: CVE-2000-1211 public=20001222 CVE-2000-1212 public=20001218 CVE-2000-1213 public=20001018 CVE-2000-1214 public=20001018 CVE-2001-1246 public=20010630,impact=important CVE-2001-1267 public=20010712,impact=low CVE-2001-1268 public=20010712,impact=low CVE-2001-1269 public=20010712,impact=low CVE-2001-1374 public=20010719,impact=moderate CVE-2001-1375 public=20010719,impact=moderate CVE-2001-1387 public=20011030 CVE-2001-1388 public=20011030 CVE-2001-1389 public=20010830 CVE-2001-1391 public=20010327 CVE-2001-1401 public=20010829 CVE-2001-1402 public=20010829 CVE-2001-1403 public=20010829 CVE-2001-1404 public=20010829 CVE-2001-1405 public=20010829 CVE-2001-1406 public=20010829 CVE-2001-1407 public=20010829 CVE-2002-0170 public=20020301 CVE-2002-0384 public=20020805,impact=important CVE-2002-0391 public=20020729,impact=important CVE-2002-0399 public=20020930,impact=low CVE-2002-0660 public=20020805,impact=important CVE-2002-0662 public=20020903 CVE-2002-0687 public=20020415 CVE-2002-0688 public=20020614 CVE-2002-0728 public=20020708,impact=moderate CVE-2002-0803 public=20020608 CVE-2002-0804 public=20020608 CVE-2002-0805 public=20020608 CVE-2002-0806 public=20020608 CVE-2002-0807 public=20020608 CVE-2002-0808 public=20020608 CVE-2002-0809 public=20020608 CVE-2002-0810 public=20020608 CVE-2002-0811 public=20020608 CVE-2002-0821 public=20020628,impact=moderate CVE-2002-0822 public=20020628,impact=moderate CVE-2002-0825 public=20020723,impact=important CVE-2002-0834 public=20020820,impact=moderate CVE-2002-0835 public=20020830,impact=important CVE-2002-0837 public=20020909 CVE-2002-0855 public=20020711,impact=important CVE-2002-0989 public=20020825,impact=important CVE-2002-1146 public=20021003,impact=moderate CVE-2002-0802 public=20020502 CVE-2002-0838 public=20021004,impact=important CVE-2002-1174 public=20020929,impact=critical CVE-2002-1175 public=20020929,impact=moderate Data Set from Mark Cox: CVE-2002-0986 public=20020823,impact=moderate CVE-2002-1318 public=20021120 CVE-2002-1319 public=20021111,impact=important CVE-2002-0985 public=20020823,impact=low CVE-2002-1235 public=20021023,impact=critical CVE-2002-0836 public=20021014,impact=important CVE-2002-1091 public=20020906,impact=important CVE-2002-1126 public=20020911,impact=low CVE-2002-1131 public=20020919 CVE-2002-1132 public=20020919 CVE-2002-1154 public=20020514 CVE-2002-1232 public=20021021,impact=important CVE-2002-0166 public=20020328 CVE-2001-1022 public=20010727,impact=important Dates from Steven Christey Mar 2003: CVE-2001-1390 public=20010327 CVE-2001-1392 public=20010327 CVE-2001-1393 public=20010327 CVE-2001-1394 public=20010327 CVE-2001-1395 public=20010327 CVE-2001-1396 public=20010327 CVE-2001-1397 public=20010327 CVE-2001-1398 public=20010327 CVE-2001-1399 public=20010327 CVE-2001-1400 public=20010327 CVE-2002-0274 public=20020213 CVE-2002-0429 public=20020308 CVE-2002-0435 public=20020310 CVE-2002-0593 public=20020430,impact=important CVE-2002-0594 public=20020430,impact=low CVE-2002-0839 public=20021003,impact=important CVE-2002-0840 public=20021002,impact=low CVE-2002-0843 public=20021003,impact=important CVE-2002-0871 public=20020813,impact=moderate CVE-2002-0970 public=20020812,impact=important CVE-2002-0972 public=20020820,impact=important CVE-2002-1119 public=20020828,impact=low CVE-2002-1148 public=20020924,impact=important CVE-2002-1151 public=20020910,impact=important CVE-2002-1152 public=20020910 CVE-2002-1157 public=20021022,impact=low CVE-2002-1158 public=20021210,impact=important CVE-2002-1159 public=20021210,impact=low CVE-2002-1160 public=20030203,impact=important CVE-2002-1165 public=20021001,impact=low CVE-2002-1170 public=20021002 CVE-2002-1216 public=20020928,impact=low CVE-2002-1223 public=20021017 CVE-2002-1224 public=20021008 CVE-2002-1247 public=20021111,impact=low CVE-2002-1277 public=20021107,impact=moderate CVE-2002-1281 public=20021111,impact=important CVE-2002-1282 public=20021111,impact=important CVE-2002-1306 public=20021112,impact=moderate CVE-2002-1320 public=20021107,impact=moderate CVE-2002-1335 public=20021127,impact=moderate CVE-2002-1336 public=20020726,impact=moderate CVE-2002-1337 public=20030303,impact=critical CVE-2002-1344 public=20021210,impact=moderate CVE-2002-1347 public=20021209 CVE-2002-1348 public=20021204,impact=important CVE-2002-1350 public=20021210,impact=moderate CVE-2002-1355 public=20021207,impact=low CVE-2002-1356 public=20021207,impact=moderate CVE-2002-1363 public=20021219,impact=important CVE-2002-1365 public=20021213,impact=critical CVE-2002-1366 public=20021219 CVE-2002-1367 public=20021219 CVE-2002-1368 public=20021219 CVE-2002-1369 public=20021219 CVE-2002-1371 public=20021219 CVE-2002-1372 public=20021219 CVE-2002-1373 public=20021212,impact=moderate CVE-2002-1374 public=20021212,impact=important CVE-2002-1375 public=20021212,impact=moderate CVE-2002-1376 public=20021212,impact=important CVE-2002-1377 public=20021212,impact=important CVE-2002-1378 public=20021206,impact=critical CVE-2002-1379 public=20021206,impact=critical CVE-2002-1383 public=20021219 CVE-2002-1384 public=20021223,impact=important CVE-2002-1391 public=20021125,impact=low CVE-2002-1392 public=20021125,impact=low CVE-2002-1393 public=20021220,impact=important CVE-2002-1394 public=20021015,impact=important CVE-2002-1395 public=20021203,impact=low CVE-2002-1396 public=20021227 CVE-2002-1397 public=20020819,impact=important CVE-2002-1398 public=20020819,impact=important CVE-2002-1400 public=20020820,impact=important CVE-2002-1401 public=20020828,impact=moderate CVE-2002-1402 public=20021021,impact=important CVE-2002-1405 public=20020819,impact=low CVE-2002-1508 public=20021206,impact=low CVE-2002-1509 public=20030213,impact=moderate CVE-2002-1511 public=20021011,impact=moderate CVE-2003-0001 public=20030106,impact=important CVE-2003-0015 public=20030120,impact=critical CVE-2003-0018 public=20030204,impact=important CVE-2003-0019 public=20030207 CVE-2003-0020 public=20030224,impact=low CVE-2003-0026 public=20030115 CVE-2003-0041 public=20030131,impact=moderate CVE-2003-0070 public=20030224 CVE-2003-0078 public=20030219,impact=moderate CVE-2003-0093 public=20030212,impact=low Dates from Steven Christey Jun 2003: CVE-2002-0036 public=20030129,impact=important CVE-2002-1090 public=20020304,impact=important CVE-2002-1276 public=20021102 CVE-2002-1341 public=20021203 CVE-2002-1362 public=20021213,impact=low CVE-2002-1380 public=20021217 CVE-2003-0022 public=20030224,impact=important CVE-2003-0023 public=20030224,impact=important CVE-2003-0028 public=20030319,impact=critical CVE-2003-0039 public=20030115 CVE-2003-0058 public=20030128,impact=moderate CVE-2003-0059 public=20030128,impact=moderate CVE-2003-0066 public=20030224,impact=moderate CVE-2003-0072 public=20030319,impact=important CVE-2003-0073 public=20030123,impact=important CVE-2003-0080 public=20030317 CVE-2003-0081 public=20030308,impact=moderate CVE-2003-0082 public=20030319,impact=important CVE-2003-0083 public=20030327,impact=low CVE-2003-0084 public=20030428,impact=important CVE-2003-0085 public=20030315,impact=critical CVE-2003-0086 public=20030315,impact=moderate CVE-2003-0102 public=20030304,impact=moderate CVE-2003-0107 public=20030222,impact=moderate CVE-2003-0108 public=20030227,impact=low CVE-2003-0124 public=20030311,impact=low CVE-2003-0127 public=20030317,impact=important CVE-2003-0128 public=20030319 CVE-2003-0129 public=20030319 CVE-2003-0130 public=20030319 CVE-2003-0131 public=20030319,impact=important CVE-2003-0132 public=20030402 CVE-2003-0133 public=20030414 CVE-2003-0135 public=20030401 CVE-2003-0136 public=20030414,impact=low CVE-2003-0138 public=20030319,impact=important CVE-2003-0139 public=20030319,impact=important CVE-2003-0140 public=20030320,impact=important CVE-2003-0145 public=20030225,impact=moderate CVE-2003-0146 public=20030228,impact=important CVE-2003-0147 public=20030314,impact=important CVE-2003-0150 public=20030308,impact=important CVE-2003-0159 public=20030309,impact=moderate CVE-2003-0160 public=20030211 CVE-2003-0161 public=20030329,impact=critical CVE-2003-0165 public=20030328 CVE-2003-0188 public=20030516,impact=low CVE-2003-0189 public=20030528 CVE-2003-0194 public=20030515,impact=moderate CVE-2003-0195 public=20030527 CVE-2003-0196 public=20030407,impact=critical CVE-2003-0201 public=20030407,impact=critical CVE-2003-0204 public=20030410,impact=important CVE-2003-0211 public=20030410 CVE-2003-0244 public=20030405,impact=important CVE-2003-0245 public=20030528 CVE-2003-0255 public=20030504,impact=moderate CVE-2003-0354 public=20030530,impact=important Mark Cox worked these out by hand: CVE-2001-1409 public=20010828,impact=low CVE-2002-0164 public=20020502,impact=important CVE-2002-1155 public=20030609,impact=important CVE-2002-1308 public=20021114,impact=important CVE-2002-1467 public=20020808,impact=important CVE-2002-1472 public=20020918 CVE-2002-1510 public=20011212,impact=important CVE-2002-1563 public=20021030,impact=important CVE-2003-0063 public=20030224,impact=moderate CVE-2003-0071 public=20030224,impact=low CVE-2003-0077 public=20030224,impact=low CVE-2003-0079 public=20030224,impact=moderate CVE-2003-0190 public=20030430,impact=low CVE-2003-0246 public=20030603,impact=important CVE-2003-0247 public=20030603,impact=important CVE-2003-0248 public=20030603,impact=moderate CVE-2003-0251 public=20030804,impact=moderate CVE-2003-0252 public=20030714,impact=important CVE-2003-0282 public=20030509,impact=moderate CVE-2003-0356 public=20030501,impact=moderate CVE-2003-0357 public=20030501,impact=moderate CVE-2003-0364 public=20030603,impact=important CVE-2003-0370 public=20030602,impact=important CVE-2003-0428 public=20030501,impact=low CVE-2003-0429 public=20030501,impact=moderate CVE-2003-0430 public=20030501,impact=low CVE-2003-0431 public=20030501,impact=low CVE-2003-0432 public=20030501,impact=low CVE-2003-0434 public=20030613,impact=important CVE-2003-0440 public=20030606,impact=low CVE-2003-0442 public=20030511 CVE-2003-0459 public=20030729,impact=moderate CVE-2003-0462 public=20030821,impact=important CVE-2003-0466 public=20030731,impact=important CVE-2003-0468 public=20030803 CVE-2003-0501 public=20030620,impact=moderate CVE-2003-0539 public=20030708,impact=low CVE-2003-0540 public=20030803 CVE-2003-0546 public=20030808 CVE-2003-0547 public=20030820,impact=low CVE-2003-0548 public=20030820,impact=low CVE-2003-0549 public=20030820,impact=low CVE-2003-0550 public=20030630,impact=moderate CVE-2003-0551 public=20030630,impact=moderate CVE-2003-0552 public=20030630,impact=moderate CVE-2003-0619 public=20030729,impact=important CVE-2003-0686 public=20030826,impact=important CVE-2003-0689 public=20030401,impact=important CVE-2003-0699 public=20030821,impact=moderate CVE-2002-0846 public=20020808,impact=important Mark Cox worked these out by hand: CVE-2002-1323 public=20021004,impact=moderate CVE-2003-0192 public=20030709,impact=moderate CVE-2003-0253 public=20030709 CVE-2003-0254 public=20030709 CVE-2003-0541 public=20030909 CVE-2003-0543 public=20030930,impact=moderate CVE-2003-0544 public=20030930,impact=moderate CVE-2003-0545 public=20030930,impact=critical CVE-2003-0615 public=20030720,impact=important CVE-2003-0681 public=20030917,impact=important CVE-2003-0682 public=20030916,impact=important CVE-2003-0690 public=20030916,impact=moderate CVE-2003-0692 public=20030916,impact=moderate CVE-2003-0693 public=20030915,impact=critical CVE-2003-0694 public=20030917,impact=critical CVE-2003-0695 public=20030916,impact=critical CVE-2003-0720 public=20030910,impact=important CVE-2003-0721 public=20030910,impact=important CVE-2002-0274 public=20020213 Mark Cox worked these out by hand Oct 2003: CVE-2003-0187 public=20030514 CVE-2003-0461 public=20030721,impact=low CVE-2003-0464 public=20030721,impact=important CVE-2003-0476 public=20030627,impact=important CVE-2003-0688 public=20030825 CVE-2003-0700 public=20030721,impact=moderate CVE-2003-0773 public=20030210,impact=moderate CVE-2003-0774 public=20030210,impact=moderate CVE-2003-0775 public=20030210,impact=moderate CVE-2003-0776 public=20030210,impact=moderate CVE-2003-0777 public=20030210,impact=moderate CVE-2003-0778 public=20030210,impact=moderate CVE-2003-0780 public=20030910,impact=important Mark Cox worked these out by hand Dec 2003: CVE-2003-0730 public=20030830,impact=important CVE-2003-0740 public=20030903,impact=important CVE-2003-0790 public=20030923,impact=low CVE-2003-0792 public=20031016,impact=moderate CVE-2003-0795 public=20031015,impact=important CVE-2003-0853 public=20031015,impact=moderate CVE-2003-0854 public=20031015,impact=important CVE-2003-0856 public=20031112,impact=low CVE-2003-0858 public=20031112,impact=low CVE-2003-0859 public=20031112,impact=low CVE-2003-0901 public=20030824,impact=moderate CVE-2003-0925 public=20031103,impact=moderate CVE-2003-0926 public=20031103,impact=low CVE-2003-0927 public=20031103,impact=moderate CVE-2003-0961 public=20031201,impact=important Mark Cox worked these out by hand Jan 2004: CVE-2002-0844 public=20020525,impact=low CVE-2002-1565 public=20021212,impact=low CVE-2003-0542 public=20031029,impact=low CVE-2003-0855 public=20030225,impact=low CVE-2003-0935 public=20030906,impact=moderate CVE-2003-0962 public=20031204,impact=critical CVE-2003-0963 public=20031213,impact=moderate CVE-2003-0966 public=20040114,impact=important CVE-2003-0967 public=20031120,impact=moderate CVE-2003-0971 public=20031127,impact=important CVE-2003-0977 public=20031217,impact=low CVE-2003-0985 public=20040105,impact=important CVE-2003-0988 public=20040114,impact=important CVE-2003-0989 public=20040114,impact=moderate CVE-2004-0001 public=20040113,impact=moderate CVE-2004-0055 public=20040104,impact=moderate CVE-2004-0057 public=20040104,impact=moderate CVE-2003-0972 public=20031127,impact=low CVE-2003-1012 public=20031212,impact=low CVE-2003-1013 public=20031212,impact=low CVE-2004-0008 public=20040126,impact=critical CVE-2004-0006 public=20040126,impact=moderate Mark Cox worked these out with changes and discussions with Forrester research: CVE-2002-0166 public=20020320 CVE-2002-0384 public=20020521 CVE-2002-0809 public=20020602 CVE-2002-1119 public=20020801 CVE-2002-1126 public=20020519 CVE-2002-1348 public=20021127 CVE-2002-1362 public=20021103 CVE-2002-1350 public=20011015 CVE-2002-1394 public=20021009 CVE-2002-1395 public=20021028 CVE-2002-1396 public=20021210 CVE-2002-1402 public=20020828 CVE-2002-1509 public=20020810 CVE-2003-0093 public=20030110 CVE-2003-0133 public=20030402 CVE-2003-0188 public=20030427 CVE-2003-0194 public=20030505 CVE-2003-0246 public=20030512 CVE-2003-0354 public=20030518 CVE-2002-0808 public=20011030 CVE-2002-0810 public=20010725 CVE-2003-0204 public=20030403 CVE-2001-1268 public=20010705 CVE-2001-1269 public=20010705 CVE-2002-0838 public=20020926 CVE-2002-1131 public=20020916 CVE-2002-1132 public=20020916 CVE-2002-1151 public=20020906 CVE-2002-1158 public=20021210 CVE-2002-1159 public=20021210 CVE-2002-1223 public=20021008 CVE-2003-0083 public=20030224 CVE-2003-0136 public=20030409 CVE-2002-0047 public=20020107 CVE-2002-0435 public=20020307,impact=low CVE-2001-1374 public=20010218 CVE-2001-1375 public=20010218 CVE-2002-0178 public=20020412 CVE-2002-0808 public=20011105 CVE-2002-1319 public=20021111 CVE-2003-0211 public=20030418,impact=important CVE-2002-1509 public=20021008 CVE-2002-1158 public=20021202 CVE-2002-1159 public=20021202 Mark Cox worked these out March 2004: CVE-2003-0848 public=20031006,impact=moderate CVE-2003-0924 public=20040118,impact=moderate CVE-2003-0991 public=20040209,impact=important CVE-2003-1023 public=20040116,impact=important CVE-2004-0003 public=20040116,impact=moderate CVE-2004-0077 public=20040218,impact=important CVE-2004-0078 public=20040211,impact=important CVE-2004-0080 public=20040203,impact=moderate CVE-2004-0097 public=20040121,impact=moderate CVE-2004-0104 public=20040218,impact=important CVE-2004-0105 public=20040218,impact=important Mark Cox worked these out March 2004: CVE-2002-1574 public=20020826,impact=moderate CVE-2003-0056 public=20040113,impact=moderate CVE-2003-0973 public=20031128,impact=low CVE-2004-0007 public=20040126,impact=moderate CVE-2004-0010 public=20040218,impact=moderate CVE-2004-0082 public=20040213,impact=low CVE-2004-0083 public=20040208,impact=important CVE-2004-0084 public=20040212,impact=important CVE-2004-0106 public=20040213,impact=important CVE-2004-0110 public=20040212,impact=moderate Mark Cox worked these out April 2004: CVE-2003-0564 public=20031223,impact=important CVE-2003-0592 public=20040310,impact=important CVE-2003-0594 public=20040310,impact=low CVE-2003-0851 public=20031104,impact=important CVE-2004-0079 public=20040317,impact=important,source=upstream,reported=20040308 CVE-2004-0081 public=20040317,impact=low CVE-2004-0107 public=20040310,impact=moderate CVE-2004-0108 public=20040310,impact=moderate CVE-2004-0111 public=20040310,impact=important CVE-2004-0112 public=20040317,impact=low CVE-2004-0113 public=20040307,impact=important CVE-2004-0148 public=20040308,impact=moderate CVE-2004-0176 public=20031026,impact=moderate CVE-2004-0185 public=20040308,impact=important CVE-2004-0191 public=20040225,impact=low CVE-2004-0365 public=20040318,impact=low CVE-2004-0367 public=20040322,impact=low Mark Cox worked these out May 2004: CVE-2003-0328 public=20030905,impact=important CVE-2003-0788 public=20031103,impact=moderate CVE-2003-0789 public=20031028,impact=moderate CVE-2003-0984 public=20031204,impact=low CVE-2004-0075 public=20040218,impact=moderate CVE-2003-0965 public=20031231,impact=important CVE-2003-0992 public=20030929,impact=important CVE-2004-0189 public=20040229,impact=low CVE-2004-0093 public=20040219,impact=important CVE-2004-0094 public=20040219,impact=important CVE-2004-0109 public=20040414,impact=moderate CVE-2004-0154 public=20030909,impact=low CVE-2004-0179 public=20040414,impact=important CVE-2004-0180 public=20040414,impact=low CVE-2004-0182 public=20040414,impact=important CVE-2004-0405 public=20040414,impact=moderate CVE-2004-0424 public=20040420,impact=important Mark Cox worked these out June 2004: CVE-2004-0155 public=20040405,impact=important CVE-2004-0183 public=20040329,impact=low CVE-2004-0184 public=20040329,impact=low CVE-2004-0226 public=20040429,impact=important CVE-2004-0231 public=20040429,impact=moderate CVE-2004-0232 public=20040429,impact=important CVE-2004-0233 public=20040419,impact=moderate CVE-2004-0396 public=20040519,impact=critical CVE-2004-0398 public=20040519,impact=important CVE-2004-0421 public=20040429,impact=important CVE-2004-0426 public=20040426,impact=important CVE-2003-0465 public=20030711,impact=low CVE-2004-0164 public=20040113,impact=moderate CVE-2004-0234 public=20040501,impact=important CVE-2004-0235 public=20040501,impact=moderate CVE-2004-0403 public=20040424,impact=important CVE-2004-0411 public=20040517,impact=important Mark Cox worked these out July 2004: CVE-2004-0414 public=20040609,impact=critical CVE-2004-0416 public=20040609,impact=important CVE-2004-0417 public=20040609,impact=important CVE-2004-0418 public=20040609,impact=important CVE-2004-0504 public=20040513,impact=low CVE-2004-0505 public=20040513,impact=low CVE-2004-0506 public=20040513,impact=low CVE-2004-0507 public=20040513,impact=moderate CVE-2004-0519 public=20040429,impact=moderate CVE-2004-0520 public=20040529,impact=moderate CVE-2004-0521 public=20040427,impact=important CVE-2004-0523 public=20040601,impact=moderate CVE-2004-0536 public=20040602,impact=important CVE-2004-0541 public=20040608,impact=moderate CVE-2004-0554 public=20040609,impact=important CVE-2004-0427 public=20040408,impact=moderate CVE-2004-0488 public=20040517,impact=moderate CVE-2004-0492 public=20040610,impact=low CVE-2004-0495 public=20040618,impact=moderate CVE-2004-0497 public=20040630,impact=moderate Mark Cox worked these out Aug 2004: CVE-2004-0096 public=20040122,impact=low CVE-2004-0493 public=20040628,impact=important CVE-2004-0557 public=20040728,impact=important CVE-2004-0594 public=20040714,impact=important CVE-2004-0595 public=20040714,impact=moderate CVE-2004-0600 public=20040722,impact=important CVE-2004-0686 public=20040722,impact=moderate CVE-2004-0607 public=20040615,impact=important # Below is kernel issue first public by Conectiva? CVE-2003-1040 public=20040220,impact=important Mark Cox worked these out Aug 2004: CVE-2002-0029 public=20021112,impact=important CVE-2003-1040 public=20031204,impact=important CVE-2004-0415 public=20040803,impact=important CVE-2004-0535 public=20040514,impact=low CVE-2004-0587 public=20040504,impact=low CVE-2004-0594 public=20040713,impact=important CVE-2004-0595 public=20040714,impact=moderate CVE-2004-0686 public=20040722,impact=moderate CVE-2004-0178 public=20040703,impact=low CVE-2004-0447 public=20040619,impact=moderate CVE-2004-0494 public=20040804,impact=low CVE-2004-0597 public=20040804,impact=critical CVE-2004-0598 public=20040804,impact=important CVE-2004-0599 public=20040804,impact=important CVE-2004-0633 public=20040706,impact=moderate CVE-2004-0634 public=20040706,impact=low CVE-2004-0635 public=20040706,impact=moderate CVE-2004-0718 public=20040701,impact=moderate CVE-2004-0722 public=20040722,impact=critical CVE-2004-0757 public=20040722,impact=important CVE-2004-0758 public=20040703,impact=moderate CVE-2004-0759 public=20040722,impact=important CVE-2004-0760 public=20040711,impact=low CVE-2004-0761 public=20040722,impact=important CVE-2004-0762 public=20040701,impact=important CVE-2004-0763 public=20040726,impact=moderate CVE-2004-0764 public=20040730,impact=important CVE-2004-0765 public=20040212,impact=low CVE-2004-0778 public=20040609,impact=moderate Mark Cox worked these out Sep 2004: CVE-2004-0691 public=20040818,impact=important CVE-2004-0692 public=20040818,impact=moderate CVE-2004-0693 public=20040818,impact=moderate CVE-2003-0388 public=20030616,impact=low CVE-2004-0422 public=20040501,impact=low CVE-2004-0630 public=20040812,impact=important CVE-2004-0631 public=20040812,impact=important CVE-2004-0642 public=20040831,impact=critical CVE-2004-0643 public=20040831,impact=critical CVE-2004-0644 public=20040831,impact=important CVE-2004-0772 public=20030327,impact=important CVE-# CAN-2004-0772, RHSA-2003:052 Taken from RHSA completed.txt Oct 2004: CVE-2004-0809 public=20040915,impact=low CVE-2004-0817 public=20040825,impact=important CVE-2004-0558 public=20040915,impact=moderate CVE-2004-0700 public=20040716,impact=important CVE-2004-0747 public=20040915,impact=low CVE-2004-0751 public=20040915,impact=low CVE-2004-0752 public=20040910,impact=moderate CVE-2004-0753 public=20040820,impact=moderate CVE-2004-0755 public=20040722,impact=low CVE-2004-0782 public=20040915,impact=important CVE-2004-0783 public=20040915,impact=important CVE-2004-0786 public=20040915,impact=moderate CVE-2004-0788 public=20040915,impact=moderate CVE-2004-0792 public=20040812,impact=moderate CVE-2004-0796 public=20040805,impact=important Worked out by Mark Cox from Internet sources Oct 2004: CVE-2004-0500 public=20040822,impact=low CVE-2004-0785 public=20040826,impact=critical CVE-2004-0754 public=20040826,impact=important CVE-2004-0784 public=20040826,impact=moderate CVE-2004-0694 public=20040811,impact=moderate CVE-2004-0745 public=20040811,impact=moderate CVE-2004-0748 public=20040707,impact=important CVE-2004-0750 public=20040922,impact=low CVE-2004-0769 public=20040606,impact=important CVE-2004-0771 public=20040515,impact=moderate CVE-2004-0807 public=20040913,impact=important CVE-2004-0808 public=20040913,impact=important CVE-2004-0832 public=20040818,impact=moderate CVE-2004-0902 public=20040904,impact=important CVE-2004-0903 public=20040829,impact=important CVE-2004-0904 public=20040810,impact=critical CVE-2004-0905 public=20040711,impact=moderate CVE-2004-0908 public=20040831,impact=moderate Worked out by Mark Cox Nov 2004: CVE-2003-0455 public=20030628,impact=important CVE-2004-0381 public=20040324,impact=low CVE-2004-0409 public=20040401,impact=low CVE-2004-0419 public=20040519,impact=moderate CVE-2004-0687 public=20040915,impact=moderate CVE-2004-0688 public=20040915,impact=moderate CVE-2004-0689 public=20040811,impact=moderate CVE-2004-0721 public=20040701,impact=low CVE-2004-0746 public=20040820,impact=moderate CVE-2004-0803 public=20041013,impact=important CVE-2004-0804 public=20041013,impact=moderate CVE-2004-0815 public=20040930,impact=important CVE-2004-0827 public=20040824,impact=important CVE-2004-0835 public=20040323,impact=moderate CVE-2004-0836 public=20040604,impact=important CVE-2004-0837 public=20040115,impact=moderate CVE-2004-0886 public=20041013,impact=moderate CVE-2004-0888 public=20041021,impact=important,source=vendorsec,reported=20041012 CVE-2004-0918 public=20041020,impact=important CVE-2004-0957 public=20041004,impact=important CVE-2004-0388 public=20040414,impact=low CVE-2004-0457 public=20040709,impact=low CVE-2004-0884 public=20041007,impact=important CVE-2004-0891 public=20041019,impact=important CVE-2004-0923 public=20041006,impact=low CVE-2004-0958 public=20041005,impact=important CVE-2002-0875 public=20020103,impact=low Worked out by Mark Cox Nov 2004: CVE-2004-0882 public=20041115,impact=important CVE-2004-0885 public=20041105,impact=moderate CVE-2004-0930 public=20041108,impact=moderate CVE-2004-0938 public=20040902,impact=moderate CVE-2004-0942 public=20041101,impact=important CVE-2004-0960 public=20040902,impact=moderate CVE-2004-0961 public=20040902,impact=moderate CVE-2004-0989 public=20041026,impact=moderate CVE-2004-0990 public=20041026,impact=important Worked out by Mark Cox Jan 2005: CVE-2004-0136 public=20041015,impact=important CVE-2004-0565 public=20040603,impact=moderate CVE-2004-0619 public=20040623,impact=moderate CVE-2004-0685 public=20040715,impact=moderate CVE-2004-0812 public=20040920,impact=important CVE-2004-0883 public=20041112,impact=important CVE-2004-0914 public=20041117,impact=moderate CVE-2004-0941 public=20041110,impact=moderate,source=redhat,reported=20041110 CVE-2004-0946 public=20041117,impact=moderate CVE-2004-0949 public=20041112,impact=important CVE-2004-0959 public=20040918,impact=moderate CVE-2004-0968 public=20040930,impact=low CVE-2004-0977 public=20040930,impact=low CVE-2004-0981 public=20041026,impact=important CVE-2004-0983 public=20041103,impact=moderate CVE-2004-1010 public=20041103,impact=low CVE-2004-1014 public=20041201,impact=important CVE-2004-1016 public=20041208,impact=important CVE-2004-1017 public=20041126,impact=moderate CVE-2004-1018 public=20041215,impact=low,source=secalert,reported=20041128 CVE-2004-1019 public=20041215,impact=important,source=secalert,reported=20041128 CVE-2004-1025 public=20040916,impact=moderate CVE-2004-1026 public=20040916,impact=moderate CVE-2004-1036 public=20041110,impact=moderate CVE-2004-1065 public=20041215,impact=important,source=secalert,reported=20041128 CVE-2004-1068 public=20041115,impact=important CVE-2004-1070 public=20041110,impact=important CVE-2004-1071 public=20041110,impact=important CVE-2004-1072 public=20041110,impact=important CVE-2004-1073 public=20041110,impact=moderate CVE-2004-1137 public=20041214,impact=important,source=vendorsec,reported=20041203 CVE-2004-1144 public=20041222,impact=important CVE-2004-1154 public=20041216,impact=important CVE-2004-1234 public=20040408,impact=important Worked out by Mark Cox Feb 2005: CVE-2001-1413 public=20011120,impact=moderate CVE-2003-0297 public=20030514,impact=low CVE-2003-0987 public=20031218,impact=low CVE-2004-0177 public=20040228,impact=low CVE-2004-0181 public=20040228,impact=low CVE-2004-0940 public=20041021,impact=moderate CVE-2004-0947 public=20041109,impact=low CVE-2004-0971 public=20040930,impact=low CVE-2004-1027 public=20041109,impact=low CVE-2004-1057 public=20050107,impact=moderate CVE-2004-1125 public=20041221,impact=moderate,source=idefense,reported=20041221 CVE-2004-1138 public=20041215,impact=low,source=vendorsec,reported=20041209 CVE-2004-1139 public=20041215,impact=moderate,source=vendorsec,reported=20041214 CVE-2004-1140 public=20041215,impact=moderate,source=vendorsec,reported=20041214 CVE-2004-1141 public=20041215,impact=moderate,source=vendorsec,reported=20041214 CVE-2004-1142 public=20041215,impact=moderate,source=vendorsec,reported=20041214 CVE-2004-1152 public=20041212,impact=important CVE-2004-1158 public=20041208,impact=important CVE-2004-1165 public=20041226,impact=moderate,reported=20050124,source=cve CVE-2004-1183 public=20050105,impact=low,source=vendorsec,reported=20041222 CVE-2004-1184 public=20050120,impact=low,source=vendorsec,reported=20050107 CVE-2004-1185 public=20050120,impact=low,source=vendorsec,reported=20050107 CVE-2004-1186 public=20050120,impact=low,source=vendorsec,reported=20050107 CVE-2004-1189 public=20041221,impact=moderate,source=mit,reported=20041214 CVE-2004-1235 public=20050106,impact=important,reported=20041222,source=vendorsec CVE-2004-1237 public=20040910,impact=important CVE-2004-1267 public=20041215,impact=important,reported=20041215,source=internet CVE-2004-1268 public=20041215,impact=important,reported=20041215,source=internet CVE-2004-1269 public=20041215,impact=important,reported=20041215,source=internet CVE-2004-1270 public=20041215,impact=important,reported=20041215,source=internet CVE-2004-1308 public=20041221,impact=important,source=idefense,reported=20041221 CVE-2004-1316 public=20041229,impact=low CVE-2004-1335 public=20041208,impact=important CVE-2005-0001 public=20050112,impact=important,source=vendorsec,reported=20050105 CVE-2005-0003 public=20050125,impact=important CVE-2005-0007 public=20050119,impact=moderate,source=vendorsec,reported=20050118 CVE-2005-0008 public=20050119,impact=moderate,source=vendorsec,reported=20050118 CVE-2005-0009 public=20050119,impact=moderate,source=vendorsec,reported=20050118 CVE-2005-0010 public=20050119,impact=moderate,source=vendorsec,reported=20050118 CVE-2005-0064 public=20050118,impact=important,reported=20050113,source=vendorsec CVE-2005-0075 public=20050122,impact=low,source=vendorsec,reported=20050115 CVE-2005-0077 public=20050125,impact=low,source=vendorsec,reported=20050119 CVE-2005-0078 public=20050126,impact=moderate CVE-2005-0084 public=20050119,impact=moderate,source=vendorsec,reported=20050118 CVE-2005-0086 public=20050119,impact=important CVE-2005-0088 public=20050210,impact=moderate,source=vendorsec,reported=20050130 CVE-2005-0100 public=20050206,impact=important,source=vendorsec,reported=20050127 CVE-2005-0103 public=20050122,impact=low,reported=20050122,source=vendorsec CVE-2005-0104 public=20050122,impact=low,reported=20050122,source=vendorsec CVE-2005-0155 public=20050201,impact=moderate,reported=20050130,source=vendorsec CVE-2005-0156 public=20050201,impact=important,reported=20050130,source=vendorsec CVE-2005-0202 public=20050209,impact=important,reported=20050207,source=vendorsec CVE-2005-0089 public=20050203,impact=important,source=upstream,reported=20050130 CVE-2005-0094 public=20050119,impact=important,reported=20050119,source=vendorsec CVE-2005-0095 public=20050119,impact=important,reported=20050119,source=vendorsec CVE-2005-0096 public=20050119,impact=important,reported=20050119,source=vendorsec CVE-2005-0097 public=20050119,impact=important,reported=20050119,source=vendorsec CVE-2005-0173 public=20050125,impact=important,reported=20050125,source=vendorsec CVE-2005-0174 public=20050125,impact=moderate,reported=20050125,source=vendorsec CVE-2005-0175 public=20050125,impact=moderate,reported=20050125,source=vendorsec CVE-2005-0211 public=20050128,impact=important,reported=20050128,source=vendorsec CVE-2005-0227 public=20050131,impact=important,source=internet,reported=20050131 CVE-2005-0241 public=20050131,impact=moderate,reported=20050131,source=vendorsec CVE-2005-0244 public=20050127,impact=moderate,reported=20050207,source=internet CVE-2005-0245 public=20050120,impact=moderate,reported=20050207,source=internet CVE-2005-0246 public=20050127,impact=low,reported=20050207,source=internet CVE-2005-0247 public=20050120,impact=moderate,reported=20050207,source=internet Worked out by Mark Cox Feb 2005 for RHEL3 missing: CVE-1999-1572 public=19960716,impact=low,reported=20051101,source=vendorsec CVE-2004-0174 public=20040319,impact=low CVE-2004-0452 public=20041223,impact=low,source=vendorsec,reported=20040606 CVE-2004-1145 public=20041220,impact=important,source=vendorsec,reported=20041216 CVE-2004-1236 public=20041223,impact=critical CVE-2005-0005 public=20050117,impact=moderate,reported=20050113,source=vendorsec CVE-2005-0006 public=20050119,impact=moderate,source=vendorsec,reported=20050118 CVE-2005-0021 public=20050104,impact=moderate,source=internet,reported=20050104 CVE-2005-0022 public=20050104,impact=moderate,source=internet,reported=20050104 CVE-2005-0069 public=20050109,impact=low,source=debian,reported=20050109 CVE-2005-0085 public=20051203,impact=moderate,source=secalert,reported=20050124 CVE-2005-0087 public=20050215,impact=moderate,source=redhat,reported=20050107 CVE-2005-0149 public=20050120,impact=moderate,reported=20050126,source=internet CVE-2005-0206 public=20041020,impact=important,source=redhat,reported=20050120 Missing during run of all RHEL advisories: CVE-2004-1056 public=20041214,impact=important,reported=20041214,source=internet CVE-2005-0090 public=20050218,impact=important,source=secalert,reported=20050104 CVE-2005-0091 public=20050218,impact=important,source=secalert,reported=20050104 CVE-2005-0092 public=20050218,impact=important,source=secalert,reported=20050104 CVE-2005-0176 public=20050215,impact=moderate,source=lkml,reported=20050215 CVE-2005-0177 public=20050215,impact=important,source=lkml,reported=20050225 CVE-2005-0178 public=20050215,impact=important,source=redhat,reported=20050115 CVE-2005-0179 public=20050107,impact=important,source=fulldisclosure,reported=20050107 CVE-2005-0180 public=20050107,impact=important,source=fulldisclosure,reported=20050107 CVE-2005-0204 public=20050126,impact=important,reported=20050126,source=bugzilla mjc March 1: CVE-2004-1156 public=20041208,impact=important,reported=20041209,source=internet CVE-2005-0198 public=20050127,impact=moderate CVE-2005-0231 public=20050207,impact=moderate,reported=20050210,source=internet CVE-2005-0232 public=20050207,impact=important,reported=20050210,source=internet CVE-2005-0233 public=20050207,impact=important,reported=20050210,source=internet CVE-2005-0255 public=20050228,impact=important,reported=20050228,source=internet CVE-2005-0527 public=20050225,impact=important,reported=20050228,source=internet CVE-2005-0578 public=20050224,impact=important,reported=20050228,source=internet CVE-2005-0584 public=20050224,impact=moderate,reported=20050228,source=internet CVE-2005-0585 public=20050104,impact=low,reported=20050228,source=internet CVE-2005-0586 public=20050224,impact=moderate,reported=20050228,source=internet CVE-2005-0588 public=20050224,impact=low,reported=20050228,source=internet CVE-2005-0589 public=20050224,impact=moderate,reported=20050228,source=internet CVE-2005-0590 public=20050224,impact=low,reported=20050228,source=internet CVE-2005-0591 public=20050224,impact=low,reported=20050228,source=internet CVE-2005-0592 public=20050224,impact=important,reported=20050228,source=internet CVE-2005-0593 public=20050224,impact=moderate,reported=20050228,source=internet # mjc 2005 March 30 including new captured metadata: CVE-2004-0906 impact=low,public=20040226,source=mozilla,reported=20050316 CVE-2004-1004 public=20050214,impact=important CVE-2004-1005 public=20050214,impact=important CVE-2004-1176 public=20041213,impact=low CVE-2004-1177 impact=important,public=20050110,source=bz,reported=20050211 CVE-2004-1380 impact=moderate,public=20050120,source=internet,reported=20050120 CVE-2004-1613 impact=moderate,public=20041018,source=mozilla,reported=20050316 CVE-2004-1761 impact=moderate,public=20040322 CVE-2005-0141 impact=low,public=20050119,source=internet,reported=20050120 CVE-2005-0142 impact=moderate,public=20050120,source=internet,reported=20050120 CVE-2005-0143 impact=low,public=20050120,source=internet,reported=20050120 CVE-2005-0144 impact=low,public=20050120,source=internet,reported=20050120 CVE-2005-0146 impact=moderate,public=20050120,source=internet,reported=20050120 CVE-2005-0147 impact=important,public=20050120 CVE-2005-0205 public=20050228,impact=low,source=vendorsec,reported=20050216 CVE-2005-0208 impact=important,public=20050224,reported=20050222,source=upstream CVE-2005-0237 impact=important,public=20050207,reported=20050304,source=vendorsec CVE-2005-0337 impact=low,public=20050131,reported=20050128,source=vendorsec CVE-2005-0365 impact=low,public=20050121,reported=20050304,source=vendorsec CVE-2005-0396 impact=moderate,public=20050316,source=vendorsec,reported=20050302 CVE-2005-0397 impact=moderate,public=20050202,reported=20050202,source=vendorsec CVE-2005-0398 impact=moderate,public=20050309,source=vendorsec,reported=20050119 CVE-2005-0399 impact=critical,public=20050323,source=mozilla,reported=20050310 CVE-2005-0401 impact=moderate,public=20050323,source=mozilla,reported=20050321 CVE-2005-0402 impact=moderate,public=20050323,reported=20050310,source=mozilla CVE-2005-0446 impact=moderate,public=20050213,reported=20050216,source=vendorsec CVE-2005-0455 impact=critical,public=20050301:2117,source=bugtraq,reported=20050301 CVE-2005-0468 impact=important,public=20050328,source=vendorsec,reported=20050218 CVE-2005-0469 impact=important,public=20050328,source=vendorsec,reported=20050218 CVE-2005-0472 impact=important,public=20050217,source=internet,reported=20050221 CVE-2005-0473 impact=important,public=20050217,source=internet,reported=20050221 CVE-2005-0611 impact=critical,public=20050302:1119,source=bugtraq,reported=20050302 CVE-2005-0664 impact=low,public=20040303,source=vendorsec,reported=20050304 CVE-2005-0667 impact=moderate,public=20050307,source=cve,reported=20050307 CVE-2005-0699 impact=moderate,public=20050311,source=vendorsec,reported=20050308 CVE-2005-0704 impact=moderate,public=20050311,source=vendorsec,reported=20050308 CVE-2005-0705 impact=moderate,public=20050311,source=vendorsec,reported=20050308 CVE-2005-0706 impact=moderate,public=20050309,source=secalert,reported=20050309 CVE-2005-0709 impact=important,public=20050311,source=vulnwatch,reported=20050311 CVE-2005-0710 impact=important,public=20050311,source=vulnwatch,reported=20050311 CVE-2005-0711 impact=important,public=20050311,source=vulnwatch,reported=20050311 CVE-2005-0739 impact=moderate,public=20050311,source=vendorsec,reported=20050308 CVE-2005-0759 impact=low,public=20040311,source=vendorsec,reported=20050304 CVE-2005-0760 impact=low,public=20040311,source=vendorsec,reported=20050304 CVE-2005-0761 impact=low,public=20040609,source=vendorsec,reported=20050304 CVE-2005-0762 impact=moderate,public=20040609,source=vendorsec,reported=20050304 CVE-2005-0765 impact=moderate,public=20050311,source=vendorsec,reported=20050308 CVE-2005-0766 impact=moderate,public=20050311,source=vendorsec,reported=20050308 # Mark Cox, 21 April 2005 from bugzilla data CVE-2004-1006 impact=moderate,public=20041102 CVE-2005-0135 impact=important,public=20050311,reported=20050121,source=vendorsec CVE-2005-0209 impact=important,public=20050124,source=lkml,reported=20050124 CVE-2005-0384 impact=important,source=vendorsec,reported=20050215,public=20050315 CVE-2005-0400 source=vendorsec,public=20050321,reported=20050321,impact=low CVE-2005-0449 impact=important,public=20050124,source=vendorsec,reported=20050207 CVE-2005-0490 impact=low,public=20050221,source=bugtraq,reported=20050221 CVE-2005-0529 public=20050215,impact=moderate,reported=20050130,source=vendorsec CVE-2005-0530 public=20050215,impact=important,reported=20050130,source=vendorsec CVE-2005-0531 public=20050215,impact=moderate,reported=20050130,source=vendorsec CVE-2005-0605 impact=moderate,public=20050301,source=vendorsec,reported=20050228 CVE-2005-0749 impact=important,public=20050318,source=vendorsec,reported=20050318 CVE-2005-0750 impact=important,reported=20050324,public=20050324,source=secalert CVE-2005-0815 public=20050317,source=bugtraq,reported=20050317,impact=moderate CVE-2005-0867 public=20050227,source=bk,reported=20050227,impact=moderate CVE-2005-0891 impact=important,public=20050326,source=gnome,reported=20050328 CVE-2005-0965 impact=important,public=20050401,source=bugtraq,reported=20050401 CVE-2005-0966 impact=important,public=20050401,source=bugtraq,reported=20050401 CVE-2005-0967 impact=moderate,public=20050328,source=gaim,reported=20050405 CVE-2005-0977 impact=moderate,public=20050205,reported=20050205,source=lkml CVE-2005-1061 reported=20030418,public=20041028,impact=moderate,source=secalert CVE-2005-0207 public=20050104,impact=important,source=redhat,reported=20050104 CVE-2005-0736 impact=important,source=vendorsec,reported=20050308,public=20050309 CVE-2005-0767 impact=moderate,public=20050208,reported=20050208,source=bk CVE-2005-0839 impact=important,reported=20050128,source=bk,public=20050128 CVE-2005-0755 impact=critical,public=20050419,source=real,reported=20050405 CVE-2005-1041 impact=important,public=20050319,source=bk,reported=20050319 # Firefox CVE-2005-0752 public=20050415,source=mozilla,reported=20050401,impact=important CVE-2005-0989 public=20050415,source=mozilla,reported=20050401,impact=important CVE-2005-1153 public=20050415,source=mozilla,reported=20050406,impact=moderate CVE-2005-1154 public=20050415,source=mozilla,reported=20050409,impact=moderate CVE-2005-1155 public=20050415,source=mozilla,reported=20050412,impact=important CVE-2005-1156 public=20050415,source=mozilla,reported=20050412,impact=moderate CVE-2005-1157 public=20050415,source=mozilla,reported=20050412,impact=moderate CVE-2005-1158 public=20050415,source=mozilla,reported=20050412,impact=important CVE-2005-1159 public=20050415,source=mozilla,reported=20050413,impact=moderate CVE-2005-1160 public=20050415,source=mozilla,reported=20050405,impact=important # Issues with new CVE names that we previously fixed, new Apr26 CVE-2004-0791 impact=low,public=20050412,reported=20040920,source=niscc CVE-2000-1220 public=20000108,impact=important CVE-2000-1221 public=20000108,impact=important CVE-2004-0814 impact=important,public=20040907 CVE-2004-1058 impact=low,public=20040823 CVE-2005-0137 reported=20050208,public=20050311,impact=important,source=vendorsec CVE-2005-0403 impact=important,public=20050308,source=bz,reported=20040902 CVE-2005-0753 impact=moderate,public=20050418,source=vendorsec,reported=20050322 CVE-2005-0941 impact=important,public=20050412,source=bugtraq,reported=20050412 # Mark Cox 12 May 2005 CVE-2004-1287 impact=low,public=20041215,source=bugtraq,reported=20041215 CVE-2004-1382 impact=low,public=20041024 CVE-2004-1392 impact=low,public=20041215,reported=20050211,source=internet CVE-2004-1453 impact=low,public=20040817 CVE-2004-1772 impact=low,public=20040406,source=cve,reported=20050329 CVE-2004-1773 impact=low,public=20041001,source=cve,reported=20050329 CVE-2004-1834 public=20040320,impact=moderate CVE-2005-0102 impact=low,source=vendorsec,reported=20050124,public=20050118 CVE-2005-0524 impact=moderate,public=20050331,source=idefense,reported=20050331 CVE-2005-0525 impact=moderate,public=20050331,source=idefense,reported=20050331 CVE-2005-0806 impact=moderate,source=cve,reported=20050320,public=20050320 CVE-2005-0990 impact=low,public=20050331,source=cve,reported=20050506 CVE-2005-1042 impact=moderate,public=20050331,source=php,reported=20050331 CVE-2005-1043 impact=moderate,public=20050331,source=php,reported=20050331 CVE-2005-1194 impact=low,public=20050331,source=redhat,reported=20050331 CVE-2005-1261 impact=critical,public=20050511,source=gaim,reported=20050505 CVE-2005-1262 impact=important,public=20050511,source=gaim,reported=20050508 CVE-2005-1278 impact=moderate,public=20050426,source=bugtraq,reported=20050426 CVE-2005-1279 impact=moderate,public=20050426,source=bugtraq,reported=20050426 CVE-2005-1280 impact=moderate,public=20050426,source=bugtraq,reported=20050426 # Security Innovation had some different first public dates to me, # after some research some of their dates were out, and they also # pointed out some issue which had a different (some earlier, some CVE-# later) first public date -- the following overide the earlier # dates and are agreed. CVE-2004-0957 public=20040529 CVE-2004-0178 public=20040326 CVE-2005-0003 public=20041217 CVE-2004-0885 public=20041001 CVE-2004-0918 public=20040924 CVE-2004-0558 public=20040821 CVE-2004-0403 public=20040331 CVE-2004-0769 public=20040515 CVE-2004-1165 public=20041205 CVE-2004-0981 public=20041006 CVE-2004-0958 public=20040915 CVE-2004-0500 public=20040805 CVE-2004-0752 public=20040804 CVE-2004-0113 public=20040220 CVE-2004-0233 public=20040403 CVE-2005-0173 public=20050110 CVE-2005-0784 public=20040812 CVE-2004-0785 public=20040812 CVE-2005-0096 public=20050108 CVE-2005-0097 public=20050108 CVE-2004-0504 public=20040503 CVE-2005-0227 public=20050121 CVE-2005-0094 public=20050112 CVE-2005-0095 public=20050112 CVE-2004-0520 public=20040523 CVE-2004-0685 public=20031023 CVE-2004-0923 public=20040930 CVE-2004-0565 public=20040528 CVE-2004-0959 public=20040915 CVE-2004-0495 public=20040617 CVE-2004-0409 public=20040405 CVE-2004-0983 public=20041108 CVE-2004-0946 public=20041122 CVE-2005-0174 public=20050131 CVE-2005-0175 public=20050131 CVE-2005-0247 public=20050201 CVE-2004-0904 public=20040827 CVE-2004-0938 public=20040920 CVE-2004-0960 public=20040920 CVE-2004-0804 public=20020315 CVE-2004-0961 public=20040920 CVE-2004-0457 public=20040818 CVE-2004-0812 public=20031108 CVE-2004-0176 public=20040304 # Mark Cox 20050531 CVE-2004-0175 impact=low,public=20000901,source=vendorsec,reported=20040301 CVE-2004-0491 public=20040621,impact=moderate CVE-2004-1074 public=20041111,impact=important CVE-2005-0013 impact=moderate,public=20050130,reported=20050108,source=vendorsec CVE-2005-0546 impact=moderate,public=20050214,reported=20050228,source=internet CVE-2005-0757 impact=moderate,reported=20041210,public=20050518,source=redhat CVE-2005-1046 impact=important,public=20050324,source=vendorsec,reported=20050324 CVE-2005-1275 impact=important,public=20050424,source=gentoo,reported=20050425 CVE-2005-1456 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1457 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1458 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1459 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1460 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1461 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1462 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1463 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1464 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1465 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1466 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1467 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1468 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1469 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1470 impact=moderate,public=20050504,source=vendorsec,reported=20050426 CVE-2005-1263 public=20050511,source=isec,reported=20050510,impact=important # Note the flaws below were not critical on RHEL due to our config CVE-2005-1476 public=20050508,impact=important,reported=20050509,source=mozilla CVE-2005-1477 public=20050508,impact=important,reported=20050509,source=mozilla CVE-2005-1531 public=20050518,impact=important,reported=20050509,source=mozilla CVE-2005-1532 public=20050518,impact=important,reported=20050509,source=mozilla # Mark Cox 29 June 2005 CVE-2002-1572 public=20020827,impact=moderate CVE-2002-1573 public=20020826,impact=moderate CVE-2003-0427 public=20030613,impact=low,source=cve,reported=20030613 CVE-2003-0644 impact=low,public=20030907,source=cve,reported=20050415 CVE-2004-0975 impact=low,public=20040930,reported=20040910,source=vendorsec CVE-2004-1009 public=20050114,impact=low CVE-2004-1090 public=20050114,impact=low CVE-2004-1091 public=20050114,impact=low CVE-2004-1093 public=20050114,impact=low CVE-2004-1174 public=20050114,impact=low CVE-2004-1175 public=20050114,impact=low CVE-2005-0109 impact=moderate,public=20050513,reported=20050226,source=vendorsec CVE-2005-0136 impact=important,public=20050311,reported=20050126,source=vendorsec CVE-2005-0201 impact=low,public=20050131,source=redhat,reported=20050131 CVE-2005-0372 impact=moderate,public=20050214,source=vendorsec,reported=20050214 CVE-2005-0488 impact=moderate,reported=20050218,public=20050614,source=vendorsec CVE-2005-0626 impact=low,public=20050302,source=gentoo,reported=20050302 CVE-2005-0718 impact=low,public=20050304,source=cve,reported=20050304 CVE-2005-0758 impact=low,source=redhat,reported=20040422,public=20050422 CVE-2005-0763 public=20050329,impact=moderate CVE-2005-0953 impact=low,public=20050330,source=bugtraq,reported=20050330 CVE-2005-0988 impact=low,public=20050404,source=bugtraq,reported=20050404 CVE-2005-1228 impact=low,public=20050418,reported=20050422,source=cve CVE-2005-1260 impact=low,public=20050215,source=vendorsec,reported=20050504 CVE-2005-1264 impact=moderate,source=redhat,reported=20050511,public=20050517 CVE-2005-1266 public=20050615,impact=moderate,source=asf,reported=20050528 CVE-2005-1267 impact=low,source=vendorsec,reported=20050531,public=20050606 CVE-2005-1269 public=20050609,impact=moderate,source=gaim,reported=20050604 CVE-2005-1345 impact=low,public=20050304,source=squid,reported=20050207 CVE-2005-1409 impact=moderate,public=20050502,source=postgresql,reported=20050503 CVE-2005-1410 impact=moderate,public=20050502,source=postgresql,reported=20050503 CVE-2005-1431 impact=moderate,public=20050428,source=cve,reported=20050503 CVE-2005-1454 impact=moderate,public=20050504,source=debian,reported=20050505 CVE-2005-1455 impact=moderate,public=20050504,source=debian,reported=20050505 CVE-2005-1519 impact=low,public=20050511,source=vendorsec,reported=20050511 CVE-2005-1686 public=20050520,impact=moderate,source=gentoo,reported=20050520 CVE-2005-1739 impact=moderate,public=20050425,reported=20050525,source=cve CVE-2005-1760 impact=moderate,reported=20050601,source=it,public=20050613 CVE-2005-1766 public=20050623,impact=critical,source=real,reported=20050608 CVE-2005-1934 public=20050609,impact=moderate,source=gaim,reported=20050608 CVE-1999-0710 impact=low,public=19990725,source=squid,reported=20050426 # Mark Cox 7th July 2005 CVE-2005-1993 public=20050620,impact=moderate,source=vendorsec,reported=20050620 CVE-2005-2096 public=20050706,impact=important,source=vendorsec,reported=20060630 # Mark Cox 19th July 2005 CVE-2004-2154 public=20040505,impact=moderate,reported=20050704,source=bz CVE-2005-1174 impact=important,public=20050712,source=mit,reported=20050426 CVE-2005-1175 impact=moderate,public=20050712,source=mit,reported=20050426 CVE-2005-1625 source=adobe,reported=20050706,impact=critical,public=20050706 CVE-2005-1689-RHSA-2005:567 impact=important,public=20050712,source=mit,reported=20050526 CVE-2005-1689 impact=critical,public=20050712,source=mit,reported=20050526 CVE-2005-1751 impact=low,public=20050524,source=vendorsec,reported=20050526 CVE-2005-1841 source=secalert,reported=20050612,impact=moderate,public=20050707 CVE-2005-1921 impact=important,public=20050629,source=vendorsec,reported=20050529 # Mark Cox 29th July 2005 CVE-2004-1307 impact=moderate,public=20041221 CVE-2005-1111 impact=moderate,public=20050413,source=bugtraq,reported=20050413 CVE-2005-1268 public=20050608,impact=low,source=asf,reported=20050601 CVE-2005-1848 impact=moderate,source=vendorsec,reported=20050628,public=20050711 CVE-2005-1849 public=20050820,impact=important,source=vendorsec,reported=20060711 CVE-2005-1852 public=20050721,impact=critical,source=vendorsec,reported=20050721 CVE-2005-1920 impact=moderate,reported=20050712,public=20050718,source=vendorsec CVE-2005-1937 impact=important,source=mozilla,public=20050606,reported=20050712 CVE-2005-2088 public=20050612,impact=moderate,reported=20050701,source=bugtraq CVE-2005-2260 impact=moderate,source=mozilla,public=20050712,reported=20050712 CVE-2005-2261 impact=low,source=mozilla,public=20050712,reported=20050712 CVE-2005-2262 impact=moderate,source=mozilla,public=20050712,reported=20050712 CVE-2005-2263 impact=moderate,source=mozilla,public=20050712,reported=20050712 CVE-2005-2264 impact=important,source=mozilla,public=20050712,reported=20050712 CVE-2005-2265 impact=important,source=mozilla,public=20050712,reported=20050712 CVE-2005-2266 impact=moderate,source=mozilla,public=20050712,reported=20050712 CVE-2005-2267 impact=moderate,source=mozilla,public=20050712,reported=20050712 CVE-2005-2268 impact=low,source=mozilla,public=20050607,reported=20050712 CVE-2005-2269 impact=moderate,source=mozilla,public=20050712,reported=20050712 CVE-2005-2270 impact=important,source=mozilla,public=20050712,reported=20050712 CVE-2005-2335 impact=important,reported=20050721,public=20050721,source=internet # Mark Cox 10th August 2005 CVE-2002-1914 impact=low,public=20020717,source=cve,reported=20020717 CVE-2005-0210 impact=moderate,public=20050130,source=vendorsec,reported=20050222 CVE-2005-0937 impact=important,public=20050222,reported=20050222,source=lkml CVE-2005-1769 public=20050615,impact=moderate,source=vendorsec,reported=20050612 CVE-2005-1992 public=20050617,impact=moderate,source=debian,reported=20050620 CVE-2005-2095 public=20050713,impact=moderate,source=vendorsec,reported=20050701 CVE-2005-2097 impact=important,source=vendorsec,reported=20050721,public=20050809 CVE-2005-2102 impact=low,public=20050808,reported=20050808,source=gaim CVE-2005-2103 impact=critical,public=20050808,reported=20050808,source=gaim CVE-2005-2104 impact=low,embargo=20050727,source=secalert,reported=20050711,public=20050809 CVE-2005-2177 impact=low,public=20050701,source=cve,reported=20050711 CVE-2005-2370 impact=low,public=20050721,reported=20050729,source=debian # Mark Cox 16th August 2005 CVE-2005-2360 impact=low,public=20050727,reported=20050725,source=vendorsec CVE-2005-2361 impact=low,public=20050727,reported=20050725,source=vendorsec CVE-2005-2362 impact=low,public=20050727,reported=20050725,source=vendorsec CVE-2005-2363 impact=low,public=20050727,reported=20050725,source=vendorsec CVE-2005-2364 impact=low,public=20050727,reported=20050725,source=vendorsec CVE-2005-2365 impact=moderate,public=20050727,reported=20050725,source=vendorsec CVE-2005-2366 impact=low,public=20050727,reported=20050725,source=vendorsec CVE-2005-2367 impact=moderate,public=20050727,reported=20050725,source=vendorsec # Mark Cox 31st August 2005 CVE-2005-0504 impact=moderate,public=20050110 CVE-2005-1761 reported=20050607,impact=important,source=bugzilla,public=20050621 CVE-2005-1768 source=secalert,reported=20050612,impact=important,public=20050704 CVE-2005-2368 impact=low,public=20050725,reported=20050726,source=debian CVE-2005-2369 public=20050721,impact=important,source=vendorsec,reported=20050721 CVE-2005-2448 public=20050721,impact=important,source=vendorsec,reported=20050721 CVE-2005-2470 impact=critical,source=adobe,reported=20050816,public=20050816 CVE-2005-2471 impact=low,public=20050724,reported=20050725,source=debian CVE-2005-2498 impact=important,public=20050814,source=vendorsec,reported=20050812 CVE-2005-2499 impact=low,public=20050812,reported=20050808,source=redhat CVE-2005-2549 impact=important,source=gnome,reported=20050805,public=20050810 CVE-2005-2550 impact=moderate,source=gnome,reported=20050805,public=20050810 CVE-2005-2665 impact=critical,public=20050820,source=fulldisclosure,reported=20050820 # Mark Cox 16th September 2005 CVE-2004-2479 impact=low,reported=20050824,public=20041123,source=cve CVE-2005-2491 impact=moderate,public=20050801,source=secalert,reported=20050801 CVE-2005-2495 impact=important,reported=20050819,public=20050908,source=redhat CVE-2005-2693 impact=low,reported=20050819,source=vendorsec CVE-2005-2700 impact=important,public=20050830,source=mailinglist,reported=20050830 CVE-2005-2728 impact=moderate,public=20040707,source=cve,reported=20040707 CVE-2005-2794 impact=important,reported=20050902,public=20050901,source=squid CVE-2005-2796 impact=important,reported=20050902,public=20050901,source=squid # Mark Cox 23rd September 2005 CVE-2005-2693 impact=low,reported=20050819,source=vendorsec,public=20050819 CVE-2005-2701 impact=critical,reported=20050915,public=20050922,source=mozilla CVE-2005-2702 impact=critical,reported=20050915,public=20050922,source=mozilla CVE-2005-2703 impact=important,reported=20050915,public=20050922,source=mozilla CVE-2005-2704 impact=moderate,reported=20050915,public=20050922,source=mozilla CVE-2005-2705 impact=critical,reported=20050915,public=20050922,source=mozilla CVE-2005-2706 impact=moderate,reported=20050915,public=20050922,source=mozilla CVE-2005-2707 impact=moderate,reported=20050915,public=20050922,source=mozilla CVE-2005-2871 impact=critical,reported=20050909,source=fulldisclosure,public=20050909 CVE-2005-2968 impact=important,public=20050906,reported=20050913,source=xchat # Mark Cox, 10th October 2005 CVE-2004-0967 impact=low,public=20040930,reported=20040910,source=vendorsec CVE-2004-1487 impact=low,public=20041210,source=bugtraq,reported=20041210 CVE-2004-1488 impact=low,public=20041210,source=bugtraq,reported=20041210 CVE-2004-2014 impact=low,public=20040516,source=cve,reported=20050511 CVE-2004-2069 impact=low,public=20040127,reported=bugzilla,reported=20050504 CVE-2005-0124 impact=moderate,public=20050110,reported=20050110,source=bk CVE-2005-0448 impact=low,public=20050309,source=cve,reported=20050314 CVE-2005-0756 impact=important,public=20050517,reported=20050517,source=lkml CVE-2005-1038 impact=low,public=20050406,source=cve,reported=20050410 CVE-2005-1636 impact=low,public=20050517,reported=20050517,source=cve CVE-2005-1704 impact=low,public=20050525,reported=20050504,source=vendorsec CVE-2005-1705 impact=low,public=20050525,reported=20050520,source=vendorsec CVE-2005-1740 impact=low,public=20050518,reported=20050525,source=cve CVE-2005-1762 impact=important,public=20050517,reported=20050411,source=redhat CVE-2005-1767 impact=important,public=20050630,reported=20050527 CVE-2005-2456 impact=important,public=20050725,source=lkml,reported=20050725 CVE-2005-2490 impact=important,reported=20050817,source=redhat,public=20050908 CVE-2005-2553 impact=important,public=20050106,source=lkml,reported=20050106 CVE-2005-2555 impact=important,public=20050806,source=cve,reported=20050816 CVE-2005-2798 impact=moderate,reported=20050901,public=20050901,source=debian CVE-2005-2874 impact=moderate,reported=20050912,public=20050107,source=bugzilla # Mark Cox, 17th October 2005 CVE-2001-1494 public=20011212,impact=low,source=cve,reported=20050621 CVE-2005-1265 public=20050519,impact=important,source=bk,reported=20050519 CVE-2005-1763 impact=important,reported=20050601,source=vendorsec,public=20050520 CVE-2005-2069 impact=moderate,public=20050628,source=vendorsec,reported=20050628 CVE-2005-2098 source=redhat,reported=20050803,public=20050804,impact=important CVE-2005-2099 source=redhat,reported=20050803,public=20050804,impact=important CVE-2005-2100 reported=20041222,impact=important,public=20051005,source=it CVE-2005-2492 reported=20050821,impact=important,public=20050909,source=redhat CVE-2005-2641 impact=low,public=20050822,source=redhat,reported=20050816 CVE-2005-2710 impact=critical,reported=20050908,public=20050926,source=real CVE-2005-2801 public=20050205,source=bk,reported=20050205,impact=moderate CVE-2005-2872 public=20050509,impact=important,source=cve,reported=20050907 CVE-2005-2876 impact=moderate,public=20050913,source=bugtraq,reported=20050913 CVE-2005-2969 impact=moderate,source=openssl,public=20051011,reported=20051004 CVE-2005-3105 public=20050328,impact=important,source=lkml,reported=20050328 CVE-2005-3107 public=20050111,impact=low,source=lkml,reported=20051010 CVE-2005-3120 reported=20051008,public=20051017,impact=critical,source=vendorsec CVE-2004-0823 impact=low,public=20040907,source=cve,reported=20050414 CVE-2004-2392 impact=low,source=bugzilla,reported=20040406,public=20040406 # Mark Cox, 27th Oct 2005 CVE-2005-2337 impact=moderate,source=mailinglist,public=20050923,reported=20050923 CVE-2005-2977 impact=low,source=redhat,public=20051026,reported=20050913 CVE-2005-2978 impact=moderate,source=redhat,public=20051018,reported=20050914 CVE-2005-3088 impact=low,source=redhat,public=20051021,reported=20051021 CVE-2005-3178 impact=low,source=bugtraq,public=20051005,reported=20051005 CVE-2005-3184 reported=20051014,public=20051019,impact=moderate,source=vendorsec CVE-2005-3241 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3242 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3243 reported=20051014,public=20051019,impact=moderate,source=vendorsec CVE-2005-3244 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3245 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3246 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3247 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3248 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3249 reported=20051014,public=20051019,impact=low,source=vendorsec CVE-2005-3273 reported=20041216,source=lkml,public=20041216,impact=moderate CVE-2005-3274 public=20050628,impact=important,source=cve,reported=20050628 CVE-2005-3275 public=20050722,impact=important,source=cve,reported=20050722 CVE-2005-3053 reported=20050921,public=20050801,source=it,impact=important CVE-2005-3108 public=20050517,impact=moderate,source=cve,reported=20050517 CVE-2005-3110 public=20050314,impact=important,source=cve,reported=20050314 CVE-2005-3119 reported=20051007,source=vendorsec,public=20051008,impact=important CVE-2005-3180 public=20051004,impact=important,source=bk,reported=20051004 CVE-2005-3181 public=20051007,impact=important,reported=20051010,source=lkml # Mark Cox 11 Nov 2005 CVE-2005-2628 impact=critical,public=20051104,reported=20051107,source=macromedia CVE-2005-2629 impact=critical,reported=20050819,public=20051110,source=real CVE-2005-2672 impact=low,reported=20050824,public=20050814,source=vendorsec CVE-2005-2974 impact=important,source=vendorsec,public=20051103,reported=20051021 CVE-2005-3185 reported=20051012,public=20051012,impact=important,source=vendorsec CVE-2005-3350 impact=important,source=vendorsec,public=20051103,reported=20051021 CVE-2005-3353 impact=moderate,public=20051002,reported=20051104,source=php CVE-2005-3388 impact=low,public=20051031,source=fulldisclosure,reported=20051031 CVE-2005-3389 impact=low,public=20051031,source=fulldisclosure,reported=20051031 CVE-2005-3390 impact=moderate,public=20051031,source=fulldisclosure,reported=20051031 # Mark Cox 17 Nov 2005... times are in UTC CVE-2005-2114 public=20050629,impact=moderate,source=mozilla,reported=20050712 CVE-2005-2929 impact=critical,public=20051111:1645,reported=20051111,source=fulldisclosure CVE-2005-2975 reported=20051027,public=20051115:1400,impact=important,source=vendorsec CVE-2005-2976 reported=20051027,public=20051115:1400,impact=important,source=vendorsec CVE-2005-3089 impact=low,public=20050725:2256,reported=20050915,source=mozilla CVE-2005-3186 reported=20051013,public=20051103,impact=important,source=idefense CVE-2005-2933 impact=moderate,source=bugtraq,public=20051004,reported=20051005 CVE-2005-3352 impact=moderate,public=20051212,reported=20051212,source=asf CVE-2004-0976 impact=low,public=20040930,reported=20040910,source=vendorsec CVE-2005-3191 impact=important,reported=20051103,public=20051206,source=xpdf CVE-2005-3192 impact=important,reported=20051103,public=20051206,source=xpdf CVE-2005-3193 impact=important,reported=20051103,public=20051206,source=xpdf CVE-2005-3631 impact=important,public=20051220,reported=20051201,source=secalert CVE-2005-3632 impact=moderate,public=20051112,reported=20051116,source=vendorsec CVE-2005-3662 impact=moderate,public=20051112,reported=20051112,source=vendorsec CVE-2005-3962 impact=moderate,source=fulldisclosure,public=20051201,reported=20051201 CVE-2005-4077 impact=moderate,public=20051207,reported=20051207,source=fulldisclosure # mjc@redhat.com 20060105 # CVE-2005-2970 impact=low,source=cve,public=20051025,reported=20051025 CVE-2005-3352 impact=moderate,public=20051212,reported=20051212,source=asf CVE-2005-3357 impact=low,source=asf,reported=20051212,public=20051205 # mjc@redhat.com 20060123 # CVE-2002-2185 public=20020625,impact=moderate,reported=20051202,source=internet CVE-2004-1190 public=20040730,impact=moderate,source=lkml,reported=20040812 CVE-2005-2458 impact=low,source=vendorsec,public=19990625,reported=20050803 CVE-2005-2709 impact=moderate,reported=20050919,public=20051108:1400,source=redhat CVE-2005-2800 public=20050827,source=vendorsec,impact=moderate,reported=20050827 CVE-2005-3044 reported=20050914,source=vendorsec,public=20050909,impact=important CVE-2005-3106 public=20050115,impact=important,source=cve,reported=20050115 CVE-2005-3109 impact=moderate,public=20050501,source=cve,reported=20050501 CVE-2005-3276 impact=low,public=20050727,source=lkml,reported=20050727 CVE-2005-3313 impact=moderate,public=20051023,reported=20051026,source=vendorsec CVE-2005-3356 reported=20050923,impact=important,source=redhat,public=20060114 CVE-2005-3358 public=20051213,reported=20051213,source=redhat,impact=important CVE-2005-3624 impact=important,reported=20051211,public=20060103,source=vendorsec CVE-2005-3625 impact=important,reported=20051211,public=20060103,source=vendorsec CVE-2005-3626 impact=important,reported=20051211,public=20060103,source=vendorsec CVE-2005-3627 impact=important,reported=20051211,public=20060103,source=vendorsec CVE-2005-3628 impact=important,reported=20051103,public=20051206,source=vendorsec CVE-2005-3651 source=fulldisclosure,public=20051209:2145,reported=20051209:2145,impact=moderate CVE-2005-3656 impact=critical,reported=20060105:1639,public=20060109:2216,source=idefense CVE-2005-3745 impact=low,public=20051121,reported=20051122,source=cve CVE-2005-3784 source=vendorsec,reported=20051123,public=20051110,impact=important CVE-2005-3806 reported=20051124,source=vendorsec,public=20051025,impact=important CVE-2005-3848 public=20050818,reported=20051128,source=cve,impact=important CVE-2005-3857 public=20051113,reported=20051128,source=cve,impact=moderate CVE-2005-3858 public=20050826,reported=20051128,source=cve,impact=important CVE-2005-4585 source=gentoo,public=20051227,reported=20051227,impact=low CVE-2005-4605 reported=20051230,source=fulldisclosure,public=20051223,impact=important CVE-2006-0150 impact=critical,reported=20060109,source=cve,public=20060109:1836 CVE-2005-2708 source=bz,reported=20050628,public=20050628,impact=important CVE-2005-2973 reported=20051014,source=vendorsec,impact=important,public=20051004 CVE-2006-0019 impact=critical,reported=20060110,public=20060119:1700,source=vendorsec CVE-2005-4134 impact=moderate,public=20051203,reported=20051203,source=frsirt CVE-2006-0292 impact=critical,public=20060202,reported=20060127,source=mozilla CVE-2006-0296 impact=important,public=20060202,reported=20060127,source=mozilla # mjc, 20060213 CVE-2006-0301 impact=important,public=20060105,reported=20060126,source=vendorsec CVE-2006-0481 impact=moderate,public=20041203,reported=20051219,source=redhat CVE-2006-0645 reported=20060209,source=gentoo,public=20060209:1538,impact=important CVE-2005-4601 reported=20060101,public=20051229,source=cve,impact=moderate CVE-2006-0082 reported=20060104,public=20060104,source=debian,impact=moderate # mjc, 20060224 CVE-2003-0986 reported=20031210,source=it,impact=important,public=20031215 CVE-2005-0638 impact=low,public=20050218,source=cve,reported=20050304 CVE-2001-1572 public=20020827,impact=moderate CVE-2002-1568 public=20031002,impact=important CVE-2005-1918 impact=low,public=20030721,reported=20030621 CVE-2006-0709 source=debian,reported=20060213,public=20060212,impact=important # mjc, 20060307 CVE-2005-2917 impact=moderate,reported=20050915,public=20050915,source=squid CVE-2005-3351 impact=moderate,public=20050905,reported=20051020,source=internet CVE-2005-3629 impact=moderate,public=20050307,reported=20051202,source=bugzilla CVE-2006-0095 reported=20060106,source=lkml,public=20060104,impact=moderate CVE-2006-0225 impact=low,reported=20050913,public=20050928,source=redhat CVE-2006-0300 impact=moderate,source=redhat,reported=20060202,public=20050617 # mjc, 20060315 CVE-2005-3510 public=20051103,impact=moderate,source=fulldisclosure,reported=20051107 CVE-2005-3573 impact=moderate,public=20050912,reported=20051114,source=debian CVE-2005-4153 source=cve,reported=20051211,impact=moderate,public=20050901 CVE-2006-0049 source=vendorsec,reported=20060305,public=20060309,impact=important CVE-2006-0455 source=vendorsec,reported=20060213,public=20060215,impact=moderate CVE-2006-0746 impact=important,public=20060103,reported=20060307,source=vendorsec # mjc 20060323 CVE-2005-2922 impact=critical,reported=20050916,public=20060322,source=real # note the issue above was public a long time after the issue was # fixed, this is because some vendors like to fix issues and disclose # them later believing that only releasing binaries saves you CVE-2006-0024 reported=20060315,source=press,public=20060314,impact=critical CVE-2006-0058 source=cert,reported=20060308,public=20060322:1600,impact=critical CVE-2006-0323 impact=critical,reported=20060302,source=real,public=20060322:2000 # mjc 20060416 # CVE-2005-3964 impact=moderate,public=20051202,reported=20051202,source=fulldisclosure CVE-2005-4744 impact=low,reported=20050501,source=vendorsec,public=20050909 CVE-2006-0749 source=mozilla,reported=20051213,impact=critical,public=20060414 CVE-2006-1354 source=secalert,reported=20060321,public=20060320,impact=important CVE-2006-1724 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1727 source=mozilla,impact=moderate,public=20060414,reported=20060412 CVE-2006-1728 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1729 source=mozilla,impact=moderate,public=20060414,reported=20060412 CVE-2006-1730 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1731 source=mozilla,impact=moderate,public=20060414,reported=20060412 CVE-2006-1732 source=mozilla,impact=moderate,public=20060414,reported=20060412 CVE-2006-1733 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1734 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1735 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1737 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1738 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1739 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1740 source=mozilla,impact=low,public=20060414,reported=20060412 CVE-2006-1741 source=mozilla,impact=moderate,public=20060414,reported=20060412 CVE-2006-1742 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1790 source=mozilla,impact=critical,public=20060414,reported=20060412 CVE-2006-1045 reported=20060307,source=cve,public=20060228,impact=moderate # Some of these issues above have a different severity for # thunderbird CVE-2006-1724-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1728-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1732-RHSA-2006:0330 source=mozilla,impact=low,public=20060414 CVE-2006-1733-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1734-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1735-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1737-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1738-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1739-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1741-RHSA-2006:0330 source=mozilla,impact=low,public=20060414 CVE-2006-1742-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 CVE-2006-1790-RHSA-2006:0330 source=mozilla,impact=moderate,public=20060414 # mjc 20060425 CVE-2005-3732 impact=low,public=20051120,reported=20051121,source=internet CVE-2005-3883 impact=moderate,public=20051124,reported=20051128,source=secunia CVE-2006-0208 impact=low,public=20060112,reported=20060113,source=secunia CVE-2006-0996 impact=low,reported=20060330,source=internet,public=20060330 CVE-2006-1490 impact=moderate,public=20060328,reported=20060328,source=fulldisclosure CVE-2006-0748 impact=critical,source=mozilla,reported=20060412,public=20060421 CVE-2006-0884 impact=moderate,source=mozilla,reported=20060412,public=20060421 # mjc 20060504 CVE-2006-0188 source=secunia,reported=20060222,public=20060201,impact=moderate CVE-2006-0195 source=secunia,reported=20060222,public=20060210,impact=moderate CVE-2006-0377 source=secunia,reported=20060222,public=20060215,impact=moderate CVE-2006-1546 public=20060322,reported=20060323,source=apacheannounce,impact=moderate CVE-2006-1547 public=20060322,reported=20060323,source=apacheannounce,impact=moderate CVE-2006-1548 public=20060322,reported=20060323,source=apacheannounce,impact=moderate CVE-2006-1550 reported=20060329,source=secalert,public=20060329,impact=moderate CVE-2006-1932 public=20060424,impact=low,reported=20060419,source=vendorsec CVE-2006-1933 public=20060424,impact=low,reported=20060419,source=vendorsec CVE-2006-1934 public=20060424,impact=moderate,reported=20060419,source=vendorsec CVE-2006-1935 public=20060424,impact=moderate,reported=20060419,source=vendorsec CVE-2006-1936 public=20060424,impact=moderate,reported=20060419,source=vendorsec CVE-2006-1937 public=20060424,impact=low,reported=20060419,source=vendorsec CVE-2006-1938 public=20060424,impact=low,reported=20060419,source=vendorsec CVE-2006-1939 public=20060424,impact=low,reported=20060419,source=vendorsec CVE-2006-1940 public=20060424,impact=low,reported=20060419,source=vendorsec # mjc 20060515 CVE-2005-4798 impact=moderate,source=bugzilla,reported=20050925,public=20050925 CVE-2006-1526 source=vendorsec,reported=20060423,public=20060502:1400,impact=important CVE-2006-1931 impact=moderate,reported=20060412,source=mailinglist,public=20050630 CVE-2006-2024 source=vendorsec,reported=20060411,public=20060303,impact=important CVE-2006-2025 source=vendorsec,reported=20060411,public=20060303,impact=important CVE-2006-2026 source=vendorsec,reported=20060411,public=20060303,impact=important CVE-2006-2120 source=vendorsec,reported=20060426,public=20060208,impact=moderate # mjc 20060524 CVE-2003-1294 reported=20031103,impact=low,public=20031128,source=vendorsec CVE-2004-2655 impact=moderate,reported=20060406,source=it,public=20040512 CVE-2005-3272 public=20050529,impact=moderate,source=cve,reported=20050529 CVE-2005-3359 reported=20051214,public=20051214,source=redhat,impact=important CVE-2006-0451 reported=20060124,source=secalert,impact=moderate,public=20050214 CVE-2006-0452 reported=20060124,source=secalert,impact=moderate,public=20050214 CVE-2006-0453 reported=20060124,source=secalert,impact=moderate,public=20050214 CVE-2006-0555 reported=20060215,source=vendorsec,impact=important,public=20060227:1600 CVE-2006-0591 impact=low,public=20060207,reported=20060105,source=vendorsec CVE-2006-0741 reported=20060226,source=bk,impact=important,public=20060226 CVE-2006-0744 reported=20060307,source=redhat,public=20060309,impact=important CVE-2006-1522 impact=important,source=secalert,reported=20060407,public=20060410 CVE-2006-1525 impact=important,source=kernelbugzilla,reported=20060414,public=20060414 CVE-2006-1527 impact=important,source=lkml,reported=20060502,public=20060502 CVE-2006-1528 public=20050830,impact=important,reported=20050920,source=lkml CVE-2006-1864 impact=moderate,source=secalert,reported=20060417,public=20060426 CVE-2006-1990 source=bugtraq,reported=20060424,public=20060424,impact=low CVE-2006-2271 impact=moderate,source=vendorsec,reported=20060509,public=20060508 CVE-2006-2272 impact=moderate,source=vendorsec,reported=20060509,public=20060508 CVE-2006-2274 impact=moderate,source=vendorsec,reported=20060509,public=20060509 CVE-2006-2313 public=20050523,source=postgresql,impact=important,reported=20060518 CVE-2006-2314 public=20050523,source=postgresql,impact=important,reported=20060518 CVE-2006-1856 impact=moderate,source=bugzilla,reported=20060512,public=20050928 CVE-2006-1855 source=bugzilla,reported=20060403,impact=important,public=20060518 CVE-2006-1862 impact=important,source=it,reported=20060418,public=20060518 # mjc 20060606 CVE-2006-2223 impact=moderate,source=cve,public=20060503,reported=20060505 CVE-2006-2224 impact=moderate,source=cve,public=20060503,reported=20060505 CVE-2006-2276 source=cve,reported=20060510,public=20060329,impact=moderate CVE-2006-2453 source=vendorsec,impact=moderate,reported=20060518,public=20060506 CVE-2006-2480 impact=low,reported=20050821,public=20040510,source=cve # mjc 20060612 CVE-2006-0052 reported=20060328,source=vendorsec,public=20050606,impact=moderate CVE-2006-0903 source=secunia,reported=20060227,impact=low,public=20060220 CVE-2006-1516 impact=moderate,source=vendorsec,public=20060502,reported=20060503 CVE-2006-1517 impact=moderate,source=vendorsec,public=20060502,reported=20060503 CVE-2006-2447 impact=moderate,source=asf,public=20060606,reported=20060601 CVE-2006-2753 source=redhat,reported=20060519,impact=important,public=20060531 # mjc 20060626 CVE-2002-2215 source=cve,public=20020907,impact=moderate,reported=20020907 CVE-2003-1302 source=cve,public=20030204,impact=moderate,reported=20030204 CVE-2003-1303 source=cve,public=20030612,impact=important,reported=20030612 CVE-2006-2449 impact=important,source=vendorsec,reported=20060609,public=20060614 CVE-2006-3081 source=cve,reported=20060619,impact=low,public=20060614 CVE-2004-0138 public=20041015,impact=important # mjc 20060705 CVE-2006-1173 impact=important,source=cert,public=20060614:16,reported=20060509 CVE-2006-2198 impact=important,source=openoffice,reported=20060609,public=20060629 CVE-2006-2199 impact=important,source=openoffice,reported=20060626,public=20060629 CVE-2006-2842 impact=moderate,source=bugtraq,reported=20060601,public=20060601 CVE-2006-3117 impact=important,source=openoffice,reported=20060626,public=20060629 # mjc 20060713 CVE-2005-3055 impact=moderate,public=20050925,source=lkml,reported=20050925 CVE-2006-0254 reported=20060117,source=cve,public=20060115,impact=moderate CVE-2006-1056 impact=important,source=vendorsec,reported=20060404,public=20060419 CVE-2006-1342 impact=low,source=netdev,reported=20060304,public=20060304 CVE-2006-1343 impact=low,source=netdev,reported=20060304,public=20060304 CVE-2006-1494 impact=low,reported=20060410,source=cve,public=20060408 CVE-2006-2071 impact=moderate,public=20060417,source=lkml,reported=20060427 CVE-2006-2444 impact=moderate,source=vendorsec,reported=20060521,public=20060520 CVE-2006-2451 impact=important,source=redhat,reported=20060614,public=20060706 CVE-2006-2607 impact=important,public=20060120,reported=20060525,source=gentoo CVE-2006-3017 reported=20060516,impact=moderate,public=20060614,source=vendorsec CVE-2006-3242 source=cve,reported=20060627,impact=moderate,public=20060619 CVE-2006-0747 source=redhat,reported=20060302,public=20060515,impact=moderate CVE-2006-1861 source=vendorsec,reported=20060305,impact=moderate,public=20060515 CVE-2006-2661 source=redhat,reported=20060302,public=20060515,impact=low CVE-2006-3082 impact=moderate,source=vendorsec,public=20060531,reported=20060619 CVE-2006-3376 source=cve,reported=20060706,impact=moderate,public=20060630 CVE-2006-3404 source=debian,reported=20060706,public=20060706,impact=moderate CVE-2006-3467 source=redhat,impact=moderate,public=20060718,reported=20060717 # mjc 20060721 CVE-2003-0386 impact=low,public=20030605 CVE-2006-0742 reported=20060301,source=bugzilla,public=20060228,impact=important CVE-2006-1242 impact=low,source=bugtraq,reported=20060314,public=20060314 CVE-2006-2776 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2778 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2779 impact=critical,source=mozilla,reported=20060601,public=20060602 CVE-2006-2780 impact=critical,source=mozilla,reported=20060601,public=20060602 CVE-2006-2781 impact=critical,source=mozilla,reported=20060601,public=20060602 CVE-2006-2782 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2783 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2784 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2785 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2786 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2787 impact=moderate,source=mozilla,reported=20060531,public=20060601 CVE-2006-2788 impact=moderate,source=mozilla,reported=20060531,public=20060601 # mjc 20060728 CVE-2002-2214 impact=moderate,source=bugzilla,reported=20060531,public=20020218 CVE-2006-2933 source=it,reported=20051011,public=20060625,impact=moderate CVE-2006-3113 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3403 source=vendorsec,reported=20060705,public=20060710,impact=important CVE-2006-3677 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3694 source=debian,reported=20060712,impact=moderate,public=20060711 CVE-2006-3801 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3802 public=20060726,source=mozilla,impact=important,reported=20060724 CVE-2006-3803 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3804 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3805 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3806 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3807 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3808 public=20060726,source=mozilla,impact=important,reported=20060724 CVE-2006-3809 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3810 public=20060726,source=mozilla,impact=important,reported=20060724 CVE-2006-3811 public=20060726,source=mozilla,impact=critical,reported=20060724 CVE-2006-3812 public=20060726,source=mozilla,impact=important,reported=20060724 # mjc 20060803 CVE-2006-3459 reported=20060714,source=vendorsec,impact=important,public=20060801 CVE-2006-3460 reported=20060714,source=vendorsec,impact=important,public=20060801 CVE-2006-3461 reported=20060714,source=vendorsec,impact=important,public=20060801 CVE-2006-3462 reported=20060714,source=vendorsec,impact=important,public=20060801 CVE-2006-3463 reported=20060714,source=vendorsec,impact=important,public=20060801 CVE-2006-3464 reported=20060714,source=vendorsec,impact=important,public=20060801 CVE-2006-3465 reported=20060714,source=vendorsec,impact=important,public=20060801 CVE-2006-3746 impact=moderate,source=rt,reported=20060725,public=20060721 # mjc 20060814 CVE-2005-2494 impact=low,reported=20050828,public=20050905,source=vendorsec CVE-2005-2496 impact=low,reported=20050210,public=20050825,source=vendorsec CVE-2005-3623 reported=20051220,source=vendorsec,impact=moderate,public=20051220 CVE-2006-0038 impact=low,source=kernel,reported=20060118,public=20060321 CVE-2006-0457 reported=20060217,public=20060203,impact=important,source=redhat CVE-2006-1857 impact=moderate,source=vendorsec,reported=20060519,public=20060519 CVE-2006-2275 impact=moderate,source=vendorsec,reported=20060509,public=20060509 CVE-2006-2446 impact=moderate,source=bugzilla,reported=20060522,public=20060810 CVE-2006-2448 impact=important,source=kernelsec,reported=20060606,public=20060609 CVE-2006-2934 impact=important,source=lkml,reported=20060630,public=20060630 CVE-2006-3083 source=mit,reported=20060706,impact=important,public=20060808 CVE-2006-3813 impact=important,source=bugzilla,reported=20060724,public=20060810 CVE-2006-3918 public=20060508,source=asf,impact=moderate,reported=20060731 CVE-2006-0456 reported=20060217,source=redhat,impact=important,public=20060307 CVE-2006-1052 reported=20060310,impact=moderate,source=redhat,public=20060311 # mjc 20060818 CVE-2006-3627 public=20060717,reported=20060717,source=vendorsec,impact=low CVE-2006-3628 public=20060717,reported=20060717,source=vendorsec,impact=moderate CVE-2006-3629 public=20060717,reported=20060717,source=vendorsec,impact=low CVE-2006-3630 public=20060717,reported=20060717,source=vendorsec,impact=moderate CVE-2006-3631 public=20060717,reported=20060717,source=vendorsec,impact=low CVE-2006-3632 public=20060717,reported=20060717,source=vendorsec,impact=moderate # mjc 20060823 CVE-2004-2660 impact=low,public=20041028,reported=20060515,source=lkml CVE-2006-1858 impact=low,source=vendorsec,reported=20060519,public=20060519 CVE-2006-2932 impact=important,source=secalert,reported=20060615,public=20060822 CVE-2006-2935 impact=moderate,source=kernelbugzilla,reported=20060705,public=20060627 CVE-2006-2936 impact=low,source=vendorsec,reported=200600704,public=20060626 CVE-2006-3468 impact=important,source=lkml,reported=20060717,public=20060717 CVE-2006-3626 impact=moderate,source=fulldisclosure,reported=20060714,public=20060714 CVE-2006-3745 impact=important,source=kernelsec,reported=20060810,public=20060822 # mjc 20060828 CVE-2006-4330 public=20060823,reported=20060824,source=wireshark,impact=low CVE-2006-4331 public=20060823,reported=20060824,source=wireshark,impact=low CVE-2006-4333 public=20060823,reported=20060824,source=wireshark,impact=low CVE-2006-3743 source=vendorsec,reported=20060810,impact=moderate,public=20060822 CVE-2006-3744 source=vendorsec,reported=20060810,impact=moderate,public=20060822 CVE-2006-4144 source=fulldisclosure,impact=moderate,public=20060814,reported=20060814 CVE-2006-4380 source=cve,reported=20060828,impact=moderate,public=20050528 # mjc 20060912 CVE-2006-4330 public=20060823,reported=20060824,source=wireshark,impact=low CVE-2006-4331 public=20060823,reported=20060824,source=wireshark,impact=low CVE-2006-4333 public=20060823,reported=20060824,source=wireshark,impact=low CVE-2006-1168 impact=moderate,source=vendorsec,reported=20060725,public=20060808 CVE-2006-3739 public=20060912,reported=20060829,source=vendorsec,impact=important CVE-2006-3740 public=20060912,reported=20060829,source=vendorsec,impact=important CVE-2006-2941 reported=20060711,source=vendorsec,impact=moderate,public=20060904 CVE-2006-3311 source=adobe,reported=20060908,impact=critical,public=20060912:1800 CVE-2006-3587 source=adobe,reported=20060908,impact=critical,public=20060912:1800 CVE-2006-3588 source=adobe,reported=20060908,impact=critical,public=20060912:1800 CVE-2006-3636 reported=20060822,public=20060904,impact=moderate,source=vendorsec CVE-2006-4339 reported=20060905,public=20060905,impact=important,source=openssl # mjc 20060915 # Some of these issues above have a different severity for # thunderbird CVE-2006-4340 impact=important,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4565 impact=critical,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4566 impact=critical,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4565-RHSA-2006:0677 impact=important,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4566-RHSA-2006:0677 impact=important,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4253 impact=important,public=20060812,source=cve,reported=20060812 CVE-2006-4567 impact=moderate,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4568 impact=moderate,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4569 impact=low,public=20060915:0000,source=mozilla,reported=20060914 CVE-2006-4570 impact=important,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4571 impact=critical,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4571-RHSA-2006:0677 impact=important,public=20060915:0001,source=mozilla,reported=20060914 CVE-2006-4640 source=adobe,reported=20060912,impact=critical,public=20060912:1800 CVE-2006-4790 reported=20060913,source=mailinglist,public=20060908,impact=important # Note that on Red Hat Enterprise Linux 4 and above a "double free" # flaw is not exploitable and is only a client crash CVE-2006-2781-RHSA-2006:0609 impact=low,source=mozilla,reported=20060601,public=20060602 CVE-2006-2781-RHSA-2006:0611 impact=low,source=mozilla,reported=20060601,public=20060602 # mjc CVE-2006-4334 source=vendorsec,reported=20060828,impact=low,public=20060919 CVE-2006-4335 source=vendorsec,reported=20060828,impact=moderate,public=20060919 CVE-2006-4336 source=vendorsec,reported=20060828,impact=moderate,public=20060919 CVE-2006-4337 source=vendorsec,reported=20060828,impact=moderate,public=20060919 CVE-2006-4338 source=vendorsec,reported=20060828,impact=low,public=20060919 CVE-2006-1721 source=cve,reported=20060411,public=20050515,impact=moderate CVE-2006-3738 reported=20060828,public=20060928,source=vendorsec,impact=important CVE-2006-2940 reported=20060703,source=openssl,impact=moderate,public=20060928 CVE-2006-2937 reported=20060703,source=openssl,impact=low,public=20060928 CVE-2006-4343 reported=20060828,public=20060928,source=vendorsec,impact=low CVE-2006-0225 impact=low,reported=20050913,public=20050928,source=redhat CVE-2006-4924 reported=20060919,public=20060919,source=vendorsec,impact=moderate CVE-2006-4980 impact=moderate,source=vendorsec,reported=20060925,public=20060816 CVE-2006-3016 source=cve,reported=20060614,impact=moderate,public=20060502 CVE-2006-4019 source=squirrelmail,reported=20060811,public=20060811,impact=moderate CVE-2006-4020 impact=low,source=gentoo,reported=20060807,public=20060804 CVE-2006-4482 source=cve,reported=20060831,public=20060817,impact=moderate CVE-2006-4484 source=debian,reported=20060828,impact=moderate,public=20060716 CVE-2006-4486 impact=moderate,public=20060818,reported=20060915,source=internet CVE-2006-5051 reported=20060928,source=vendorsec,impact=important,public=20060928 # bressers CVE-2004-0387 public=20040406,impact=critical CVE-2004-0550 public=20040610,impact=critical CVE-2005-0189 public=20040928,impact=critical CVE-2005-0191 public=20040928,impact=critical CVE-2005-0455 public=20050224,impact=critical CVE-2005-0611 public=20050224,impact=moderate CVE-2006-4485 impact=low,public=20060817,reported=20060817 CVE-2006-4812 impact=important,source=vendorsec,reported=20060930,public=20060930 CVE-2005-4811 impact=important,reported=20050805,source=lkml,public=20050805 CVE-2006-0039 impact=low,source=kernelsec,reported=20060118,public=20060516 CVE-2006-3741 impact=moderate,source=redhat,reported=20060826,public=20060908 CVE-2006-4093 impact=moderate,source=vendorsec,reported=20060808,public=20060817 CVE-2006-4535 impact=important,source=vendorsec,reported=20060828,public=20060828 CVE-2006-4623 impact=low,source=vendorsec,reported=20060821,public=20060821 CVE-2006-4997 impact=moderate,reported=20060912,source=lkml,public=20060912 # mjc 20061024 CVE-2006-4342 impact=important,source=redhat,reported=20060911,public=20061013 CVE-2006-4811 impact=critical,source=vendorsec,reported=20061013,public=20061013:2306 CVE-2006-5174 impact=important,source=vendorsec,reported=20061004,public=20060928 CVE-2002-1571 impact=moderate,public=20020417 CVE-2006-5465 source=vendorsec,reported=20061101,public=20061102,impact=important # mjc 20061108 # (Some of these have a lower severity for Thunderbird) # (Release time in GMT based on upstream commit of advisory pages) CVE-2006-5462 impact=important,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-5464 impact=critical,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-5463 impact=critical,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-5747 impact=critical,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-5748 impact=critical,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-5463-RHSA-2006:0735 impact=important,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-5747-RHSA-2006:0735 impact=important,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-5748-RHSA-2006:0735 impact=important,reported=20061107,public=20061108:0103,source=mozilla CVE-2006-4810 impact=moderate,source=redhat,public=20061108,reported=20061014 CVE-2005-3011 impact=low,source=cve,public=20000209,reported=20050921 CVE-2006-5467 impact=moderate,reported=20061024,public=20061025,source=vendorsec # mjc 20061114 CVE-2006-4574 source=wireshark,reported=20061017,impact=moderate,public=20061030 CVE-2006-4805 source=wireshark,reported=20061017,impact=moderate,public=20061030 CVE-2006-5170 impact=moderate,source=bz,public=20060920,reported=20060921 CVE-2006-5468 source=wireshark,reported=20061017,impact=moderate,public=20061030 CVE-2006-5469 source=wireshark,reported=20061017,impact=moderate,public=20061030 CVE-2006-5740 source=wireshark,reported=20061017,impact=moderate,public=20061030 CVE-2006-5794 source=vendorsec,reported=20061107,impact=low,public=20061107 CVE-2006-5925 impact=critical,source=fulldisclosure,public=20061115:0151,reported=20061115 CVE-2006-5750 impact=critical,source=symantec,public=20061127:1400,reported=20061113 # mjc 20061220 CVE-2006-5989 impact=low,source=bugzilla,reported=20060915,public=20061113 CVE-2006-6097 impact=moderate,source=fulldisclosure,reported=20061122,public=20061121 CVE-2006-6169 impact=low,reported=20061128,source=gnupg,public=20061124 CVE-2006-6235 impact=important,source=vendorsec,reported=20061204,public=20061206 # (Some of these have a lower severity for Thunderbird) # (Release time in GMT based on upstream commit of advisory pages) CVE-2006-6497 impact=critical,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6497-RHSA-2006:0760 impact=moderate,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6498 impact=critical,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6498-RHSA-2006:0760 impact=moderate,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6501 impact=critical,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6501-RHSA-2006:0760 impact=moderate,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6502 impact=critical,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6502-RHSA-2006:0760 impact=moderatel,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6503 impact=moderate,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6504 impact=critical,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6504-RHSA-2006:0760 impact=moderate,source=mozilla,reported=20061212,public=20061219:1900 CVE-2006-6505 impact=critical,source=mozilla,reported=20061212,public=20061219:1900 # mjc 20070115 CVE-2006-4514 source=idefense,reported=20061130,public=20061130,impact=moderate CVE-2006-5330 source=cve,reported=20061017,impact=moderate,public=20061017 CVE-2006-5870 reported=20061123,source=openoffice,public=20070103,impact=important CVE-2006-6101 impact=important,reported=20061207,source=vendorsec,public=20060109 CVE-2006-6102 impact=important,reported=20061207,source=vendorsec,public=20060109 CVE-2006-6103 impact=important,reported=20061207,source=vendorsec,public=20060109 # Acroread issues: # Note that on Red Hat Enterprise Linux 4 and above a "double free" # flaw is not exploitable and is only a client crash CVE-2006-5857 impact=critical,public=20070110,reported=20070104 CVE-2007-0045 impact=important,public=20070103,reported=20070104 CVE-2007-0046 impact=critical,public=20070103,reported=20070104 CVE-2007-0046-RHSA-2007:0017 impact=low,public=20070103,reported=20070104 # mjc 20070130 CVE-2007-0010 impact=moderate,source=vendorsec,reported=20061207,public=20070110 CVE-2006-4538 impact=moderate,reported=20060905,source=lkml,public=20060823 CVE-2006-4813 impact=important,source=bugzilla,reported=20060921,public=20061011 CVE-2006-4814 impact=moderate,source=redhat,reported=20060209,public=20061214 CVE-2006-5619 impact=important,source=vendorsec,reported=20061031,public=20061031 CVE-2006-5751 impact=important,source=redhat,reported=20061120,public=20061129 CVE-2006-5753 impact=moderate,source=redhat,reported=20061218,public=20070103 CVE-2006-5757 impact=low,source=internet,reported=20061105,public=20061105 CVE-2006-5823 impact=low,source=internet,reported=20061107,public=20061107 CVE-2006-6053 impact=low,source=internet,reported=20061110,public=20061110 CVE-2006-6054 impact=low,source=internet,reported=20061112,public=20061112 CVE-2006-6056 impact=low,source=internet,reported=20061114,public=20061114 CVE-2006-6106 impact=moderate,source=redhat,reported=20061127,public=20061214 CVE-2006-6535 impact=moderate,source=bugzilla,reported=20061025,public=20061214 CVE-2006-5754 impact=important,source=vendorsec,reported=20061229,public=20070123 CVE-2005-4348 source=fetchmail,reported=20051220,impact=low,public=20051219 CVE-2006-5867 impact=moderate,source=cve,public=20070104,reported=20070109 CVE-2006-6142 impact=moderate,source=gentoo,public=20061202,reported=20061204 # mjc 20070209 CVE-2006-5540 source=postgresql,reported=20061025,impact=low,public=20061016 CVE-2006-5541 source=postgresql,reported=20061025,impact=low,public=20061016 CVE-2006-5542 source=postgresql,reported=20061025,impact=low,public=20061016 CVE-2006-6107 source=redhat,reported=20061127,impact=moderate,public=20061212 CVE-2006-6731 public=20070104,impact=critical,source=internet,reported=20070104 CVE-2006-6736 public=20070104,impact=important,source=internet,reported=20070104 CVE-2006-6737 public=20070104,impact=important,source=internet,reported=20070104 CVE-2006-6745 public=20070104,impact=critical,source=internet,reported=20070104 CVE-2007-0494 impact=moderate,source=gentoo,public=20070125,reported=20070125 CVE-2007-0555 reported=20070129,source=redhat,impact=moderate,public=20070205 CVE-2007-0556 reported=20070129,source=redhat,impact=moderate,public=20070205 CVE-2006-2440 public=20060102,source=cve,impact=low,reported=20060518 CVE-2006-4031 source=cve,reported=20060809,public=20051123,impact=low CVE-2006-4226 reported=20060817,source=gentoo,public=20060222,impact=low CVE-2006-4227 public=20060620,impact=low CVE-2006-5456 source=debian,reported=20061016,impact=moderate,public=20060929 CVE-2006-5868 source=debian,reported=20061128,public=20060929,impact=moderate CVE-2006-6120 source=vendorsec,reported=20061122,public=20061129,impact=moderate CVE-2007-0001 impact=moderate,source=redhat,reported=20070117,public=20070220 CVE-2007-0006 impact=important,source=kernelbugzilla,reported=20070206,public=20061221 CVE-2007-0008 impact=critical,source=mozilla,reported=20070222,public=20070223 CVE-2007-0009 impact=critical,source=mozilla,reported=20070222,public=20070223 CVE-2007-0451 reported=20070213,source=asf,public=20070213,impact=important CVE-2007-0452 reported=20070130,source=samba,impact=moderate,public=20070205 CVE-2007-0906 impact=important,public=20070214,reported=20070214,source=internet CVE-2007-0907 impact=low,public=20070214,reported=20070214,source=internet CVE-2007-0908 impact=moderate,public=20070214,reported=20070214,source=internet CVE-2007-0909 impact=low,public=20070214,reported=20070214,source=internet CVE-2007-0910 impact=important,public=20070214,reported=20070214,source=internet CVE-2007-0988 impact=moderate,public=20070214,reported=20070214,source=internet CVE-2007-1007 impact=critical,source=secunia,reported=20070219,public=20070213 CVE-2006-6077 impact=moderate,source=mozilla,reported=20070222,public=20070223 CVE-2007-0775 impact=critical,source=mozilla,reported=20070222,public=20070223 CVE-2007-0777 impact=critical,source=mozilla,reported=20070222,public=20070223 CVE-2007-0778 impact=moderate,source=mozilla,reported=20070222,public=20070223 CVE-2007-0779 impact=moderate,source=mozilla,reported=20070222,public=20070223 CVE-2007-0780 impact=moderate,source=mozilla,reported=20070222,public=20070223 CVE-2007-0800 impact=moderate,source=mozilla,reported=20070222,public=20070223 CVE-2007-0981 impact=moderate,source=mozilla,reported=20070222,public=20070223 CVE-2007-0995 impact=moderate,source=mozilla,reported=20070222,public=20070223 CVE-2007-0996 impact=moderate,source=mozilla,reported=20070222,public=20070223 # mjc 20070313 CVE-2007-0774 impact=critical,reported=20070223,public=20070227,source=asf CVE-2007-1263 impact=important,source=corelabs,reported=20070228,public=20070305 CVE-2007-0994 impact=critical,source=mozilla,reported=20070222,public=20070305 CVE-2007-1092 impact=critical,source=bugtraq,reported=20070223,public=20070223 CVE-2007-1282 impact=critical,source=mozilla,reported=20070305,public=20070305 # mjc 20070319 for rhel5 things too CVE-2007-0002 impact=important,source=vendorsec,reported=20070115,public=20070316 CVE-2007-0005 impact=moderate,source=vendorsec,reported=20070206,public=20070306 CVE-2007-0456 impact=low,source=vendorsec,reported=20070119,public=20070201 CVE-2007-0457 impact=low,source=vendorsec,reported=20070119,public=20070201 CVE-2007-0458 impact=low,source=vendorsec,reported=20070119,public=20070201 CVE-2007-0459 impact=low,source=vendorsec,reported=20070119,public=20070201 CVE-2007-0493 impact=important,source=gentoo,public=20070125,reported=20070125 CVE-2007-0958 impact=low,source=vendorsec,reported=20060808,public=20070126 CVE-2007-0998 impact=important,source=redhat,reported=20070227,public=20070314 CVE-2007-1285 public=20070301,reported=20070301,source=internet,impact=moderate # mjc 20070326 CVE-2007-0238 impact=important,source=openoffice,reported=20070202,public=20070320 CVE-2007-0239 impact=moderate,public=20070320,source=openoffice,reported=20070207 CVE-2007-1466 impact=important,source=vendorsec,reported=20070115,public=20070316 CVE-2007-1536 impact=moderate,source=debian,reported=20070319,public=20070208 # mjc 20070404 CVE-2007-0956 impact=critical,source=mit,reported=20070221,public=20070403:1805 CVE-2007-0957 impact=important,source=mit,reported=20070308,public=20070403:1805 CVE-2007-1003 impact=important,reported=20070216,public=20070403,source=vendorsec CVE-2007-1216 impact=important,source=mit,reported=20070308,public=20070403:1805 CVE-2007-1351 impact=important,reported=20070322,public=20070403,source=vendorsec CVE-2007-1352 impact=important,reported=20070322,public=20070403,source=vendorsec CVE-2007-1560 public=20070320,reported=20070321,source=internet,impact=moderate CVE-2007-1667 impact=moderate,source=debian,public=20070309,reported=20070309 # mjc 20070420 CVE-2007-0455 impact=low,source=vendorsec,reported=20070124,public=20070126 CVE-2007-0720 impact=moderate,source=cve,reported=20070314,public=20061113 CVE-2007-1001 impact=moderate,source=internet,public=20070310,reported=20070310 CVE-2007-1286 impact=important,public=20070302,reported=20070302,source=internet CVE-2007-1354 impact=low,public=20070415,source=redhat,reported=20070322 CVE-2007-1583 impact=low,public=20070320,reported=20070320,source=internet CVE-2007-1711 impact=important,public=20070325,reported=20070325,source=internet CVE-2007-1718 impact=low,public=20070326,reported=20070326,source=internet # mjc 20070430 # # CVE-2007-0243 is an interesting case for measurement; although the # flaw involving gif files and overflows was reported in the Sun Java # Runtime in January, it wasn't acknowledged by IBM as affecting the # IBM Java Runtime until April (and without source it's hard for a # third party to do this analysis). So is the date this issue was # first public in IBM Java Runtime Jan or Apr? As a 'proof of # concept' was available that did affect the IBM Java I'm going to # select Jan to give the most daysofrisk but a more accurate measurement CVE-2007-0243 reported=20070417,source=internet,impact=critical,public=20070117 CVE-2007-0771 impact=important,source=lkml,reported=20070212,public=20070212 CVE-2007-1000 impact=important,source=vendorsec,reported=20070306,public=20070306 CVE-2007-1388 impact=important,source=vendorsec,reported=20070309,public=20070308 # For RHN satellite we don't use these components with untrusted applets, but # we did fix the underlying vulns CVE-2007-0243-RHSA-2008:0524 reported=20070417,source=internet,impact=low,public=20070117 CVE-2007-2435-RHSA-2008:0524 reported=20070501,source=gentoo,public=20070430,impact=low CVE-2007-2788-RHSA-2008:0524 reported=20070521,source=securityfocus,public=20070521,impact=low CVE-2007-2789-RHSA-2008:0524 reported=20070521,source=securityfocus,public=20070521,impact=low CVE-2007-0243-RHSA-2008:0261 reported=20070417,source=internet,impact=low,public=20070117 CVE-2007-2435-RHSA-2008:0261 reported=20070501,source=gentoo,public=20070430,impact=low CVE-2007-2788-RHSA-2008:0261 reported=20070521,source=securityfocus,public=20070521,impact=low CVE-2007-2789-RHSA-2008:0261 reported=20070521,source=securityfocus,public=20070521,impact=low # 20070517 CVE-2005-2475 impact=low,public=20050802,reported=20050802,source=bugtraq CVE-2005-2090 impact=moderate,public=20050606,source=internet,reported=20050606 CVE-2006-7195 impact=moderate,public=20070419,reported=20070419,source=internet CVE-2006-7196 impact=moderate,public=20070426,reported=20070426,source=internet CVE-2007-0450 impact=important,public=20070314,source=internet,reported=20070314 CVE-2007-1858 impact=moderate,public=20070419,reported=20070419,source=internet CVE-2007-3835 impact=low,public=20060721,reported=20060721,source=fulldisclosure CVE-2005-2666 impact=low,reported=20050707,source=bugzilla,public=20050707 CVE-2005-3183 impact=low,source=redhat,public=20051007,reported=20050605 CVE-2005-4268 impact=low,public=20051107,reported=20051107,source=bugzilla CVE-2005-4667 impact=low,public=20051219,reported=20060125,source=debian CVE-2005-4837 impact=moderate,source=cve,reported=20070503,public=20050523 CVE-2005-4838 public=20050103,reported=20050103,impact=low,source=asf CVE-2006-1057 impact=low,reported=20060407,public=20060419,source=vendorsec CVE-2006-1058 impact=low,reported=20060329,source=vendorsec,public=20051219 CVE-2006-1174 source=cert,reported=20060512,public=20050223,impact=low CVE-2006-3619 impact=moderate,source=vendorsec,reported=20060712,public=20060713 CVE-2006-3835 impact=moderate,source=cve,reported=20060724,public=20060721 CVE-2006-4146 source=vendorsec,reported=20060815,impact=low,public=20060831 CVE-2006-4600 reported=20060906,source=cve,impact=low,public=20060904 CVE-2006-6899 impact=moderate,source=internet,reported=20061228,public=20061228 CVE-2006-7108 source=bugzilla,reported=20060109,public=20060109,impact=low CVE-2006-7176 reported=20051026,source=bz,public=20051026,impact=low CVE-2007-1002 impact=moderate,source=secunia,reported=20070301,public=20070328 CVE-2007-1859 impact=important,source=redhat,reported=20070413,public=20070503 CVE-2007-1864 public=20070503,reported=20070503,source=internet,impact=important CVE-2007-2028 impact=moderate,source=freeradius,public=20070412,reported=20070412 CVE-2007-2138 impact=moderate,public=20070423,reported=20070419,source=redhat CVE-2007-2438 impact=moderate,source=internet,reported=20070430,public=20070426 CVE-2007-2446 public=20070514,reported=20070507,impact=critical,source=upstream CVE-2007-2447 public=20070514,reported=20070507,impact=important,source=upstream CVE-2007-2509 public=20070503,reported=20070503,source=internet,impact=low CVE-2007-2510 public=20070503,reported=20070503,source=internet,impact=moderate CVE-2007-1380 impact=important,public=20070214,reported=20070214,source=internet # 20070518 CVE-2006-5793 source=vendorsec,reported=20061107,impact=low,public=20061114 CVE-2007-1262 impact=moderate,source=internet,public=20070509,reported=20070509 CVE-2007-1496 impact=important,source=lkml,reported=20070307,public=20070307 CVE-2007-1497 impact=moderate,source=lkml,reported=20070307,public=20070307 CVE-2007-1558 source=vendorsec,reported=20070320,public=20070401,impact=moderate CVE-2007-1592 impact=important,source=netdev,reported=20070333,public=20070316 CVE-2007-1701 impact=important,public=20070214,reported=20070214,source=internet CVE-2007-1825 impact=important,public=20070214,reported=20070214,source=internet CVE-2007-1841 source=vendorsec,reported=20070331,public=20070406,impact=moderate CVE-2007-1856 impact=moderate,source=vendorsec,reported=20070427,public=20070410 CVE-2007-1861 impact=important,source=vendorsec,reported=20070425,public=20070425 CVE-2007-2172 impact=important,source=redhat,reported=20070413,public=20070326 CVE-2007-2242 impact=important,source=cansecwest,reported=20070417,public=20070417 CVE-2007-2445 reported=20070505,public=20070515,source=vendorsec,impact=moderate CVE-2007-2589 impact=moderate,source=internet,public=20070509,reported=20070509 # 20070531 CVE-2003-1329 reported=20070521,source=cve,public=20030129,impact=moderate CVE-2007-1860 reported=20070420,source=asf,impact=important,public=20070521 CVE-2007-1995 impact=moderate,source=debian,reported=20070409,public=20070408 CVE-2007-2356 impact=moderate,source=gentoo,public=20070427,reported=20070430 CVE-2007-2799 impact=moderate,source=vendorsec,reported=20070522,public=20070523 CVE-2007-1362 reported=20070529,public=20070531,source=mozilla,impact=low CVE-2007-1562 reported=20070322,public=20070322,source=bugtraq,impact=low CVE-2007-2867 reported=20070529,public=20070531,source=mozilla,impact=low CVE-2007-2868 reported=20070529,public=20070531:0010,source=mozilla,impact=critical CVE-2007-2869 reported=20070529,public=20070531,source=mozilla,impact=low CVE-2007-2870 reported=20070529,public=20070531,source=mozilla,impact=important CVE-2007-2871 reported=20070529,public=20070531,source=mozilla,impact=low # We need to adjust these two slightly because they only affected # RHEL5 which was released on 20070314 and if we use daysofrisk.pl # with distrib=rhel it won't figure out that RHEL5 wasn't out on # 20070213 for example. We need to update daysofrisk.pl and the raw # data to better handle this case. But for now the changes below make # the metrics accurate. # CVE-2007-1006 impact=critical,source=secunia,reported=20070219,public=20070213 # CVE-2007-0999 impact=critical,source=redhat,reported=20070306,public=20070308 CVE-2007-1006 impact=critical,source=secunia,reported=20070219,public=20070314 CVE-2007-0999 impact=critical,source=redhat,reported=20070306,public=20070314 # mjc 20070618 CVE-2004-0813 public=20040730,impact=moderate,source=lkml,reported=20040730 CVE-2006-5297 source=mailinglist,reported=20061004,impact=low,public=20061004 CVE-2006-7203 impact=important,source=bugzilla,reported=20070511,public=20070515 CVE-2007-0245 impact=important,public=20070612,reported=20070601,source=upstream CVE-2007-1349 source=internet,reported=20070517,impact=moderate,public=20070322 CVE-2007-1353 impact=low,source=redhat,reported=20070328,public=20070418 CVE-2007-1716 source=bz,impact=low,reported=20070327,public=20070303 CVE-2007-2022 reported=20070419,public=20070525,source=vendorsec,impact=important CVE-2007-2453 impact=low,source=vendorsec,reported=20070529,public=20070530 CVE-2007-2525 impact=important,source=secunia,reported=20070509,public=20070508 CVE-2007-2683 impact=low,source=gentoo,public=20070511,reported=20070511 CVE-2007-2754 impact=moderate,source=mailinglist,reported=20070428,public=20070427 CVE-2007-2873 impact=low,reported=20070607,public=20070611,source=vendorsec CVE-2007-3099 reported=20070601,public=20070611,source=vendorsec,impact=moderate CVE-2007-3100 reported=20070601,public=20070611,source=vendorsec,impact=moderate CVE-2007-4168 reported=20070612,public=20070613,impact=moderate,source=vendorsec # mjc 20070628 CVE-2006-4168 reported=20070612,public=20070613,impact=moderate,source=vendorsec CVE-2006-5158 impact=moderate,source=vendorsec,reported=20061010,public=20060928 CVE-2006-5752 public=20070620,source=asf,reported=20070620,impact=moderate CVE-2007-0773 impact=important,source=bugzilla,reported=20070209,public=20070622 CVE-2007-1358 source=asf,reported=20070524,public=20070613,impact=low CVE-2007-1863 public=20070502,source=asf,reported=20070502,impact=moderate CVE-2007-2442 impact=important,reported=20070503,public=20070626,source=mit CVE-2007-2442-RHSA-2007:0384 impact=critical,reported=20070503,public=20070626,source=mit CVE-2007-2443 impact=important,reported=20070503,public=20070626,source=mit CVE-2007-2798 reported=20070529,source=mit,impact=important,public=20070626 CVE-2007-2876 impact=important,source=kernelsec,reported=20070605,public=20070607 CVE-2007-3104 impact=moderate,source=bugzilla,reported=20070425,public=20070622 CVE-2007-3257 impact=important,source=vendorsec,public=20070614,reported=20070614 CVE-2007-3304 public=20070619,source=bugtraq,impact=moderate,reported=20070619 CVE-2007-3410 impact=critical,source=idefense,reported=20070626,public=20070626 # mjc 20070720 # (Some of these have a lower severity for Thunderbird) # (Release time in GMT based on upstream commit of advisory pages) CVE-2006-5871 impact=low,source=vendorsec,reported=20061201,public=20041019 CVE-2007-2449 source=asf,reported=20070524,public=20070613,impact=moderate CVE-2007-2450 source=asf,reported=20070524,public=20070613,impact=low CVE-2007-3103 public=20070711,source=idefense,impact=moderate,reported=20070605 CVE-2007-3107 impact=moderate,source=redhat,reported=20070622,public=20070703 CVE-2007-3374 reported=20070619,source=bz,impact=important,public=20070619 CVE-2007-3377 impact=moderate,source=internet,reported=20070623,public=20061222 CVE-2007-3409 impact=moderate,source=internet,reported=20070623,public=20061222 CVE-2007-3089 source=bugtraq,reported=20070604,public=20070604,impact=moderate CVE-2007-3456 impact=critical,source=secalert,reported=20070703,public=20070710 CVE-2007-3656 impact=moderate,source=bugtraq,public=20070709,reported=20070709 CVE-2007-3734 source=mozilla,reported=20070717,public=20070718:0900,impact=critical CVE-2007-3735 source=mozilla,reported=20070717,public=20070718:0900,impact=critical CVE-2007-3736 source=mozilla,reported=20070717,public=20070718:0900,impact=moderate CVE-2007-3737 source=mozilla,reported=20070717,public=20070718:0900,impact=critical CVE-2007-3738 source=mozilla,reported=20070717,public=20070718:0900,impact=critical CVE-2007-3734-RHSA-2007:0723 source=mozilla,reported=20070717,public=20070718:0900,impact=moderate CVE-2007-3735-RHSA-2007:0723 source=mozilla,reported=20070717,public=20070718:0900,impact=moderate CVE-2007-3737-RHSA-2007:0723 source=mozilla,reported=20070717,public=20070718:0900,impact=moderate CVE-2007-3738-RHSA-2007:0723 source=mozilla,reported=20070717,public=20070718:0900,impact=moderate CVE-2007-2926 impact=moderate,source=bind,reported=20070719,public=20070723 CVE-2006-4096 reported=20060821,source=niscc,public=20060905,impact=moderate CVE-2007-0240 source=debian,reported=20070321,public=20070320,impact=low CVE-2007-1462 impact=low,source=redhat,reported=20070212,public=20070213 CVE-2000-1191 source=redhat,impact=low,reported=20061206,public=20000418 CVE-2004-0806 impact=low,source=vendorsec,reported=20040823,public=20040909 CVE-2004-0972 source=vendorsec,reported=20040910,public=20040930,impact=low CVE-2004-2259 impact=moderate,public=20040325,reported=20040325 CVE-2007-3387 source=secalert,reported=20070712,impact=important,public=20070728 CVE-2007-3388 reported=20070713,source=vendorsec,impact=moderate,public=20070727 # mjc 20070809 CVE-2006-6058 impact=low,source=internet,reported=20061117,public=20061117 CVE-2007-0235 impact=moderate,source=gentoo,reported=20070115,public=20070114 CVE-2007-1217 impact=moderate,source=vendorsec,reported=20070213,public=20070126 CVE-2007-2435 reported=20070501,source=gentoo,public=20070430,impact=critical CVE-2007-2788 reported=20070521,source=securityfocus,public=20070521,impact=critical CVE-2007-2789 reported=20070521,source=securityfocus,public=20070521,impact=critical CVE-2007-3004 reported=20070504,source=cve,public=20070415,impact=critical CVE-2007-3005 reported=20070504,source=cve,public=20070415,impact=critical CVE-2007-3381 impact=moderate,source=secalert,reported=20070705,public=20070730 CVE-2007-3503 impact=low,source=cve,reported=20070702,public=20070628 CVE-2007-3655 impact=moderate,source=cve,reported=20070710,public=20070710 CVE-2007-3698 impact=moderate,source=cve,reported=20070712,public=20070710 CVE-2007-3922 impact=moderate,source=cve,reported=20070721,public=20070718 CVE-2007-4381 impact=critical,reported=20070815,public=20070815,source=internet CVE-2007-4131 impact=moderate,source=vendorsec,reported=20070812,public=20070812 CVE-2007-3780 impact=important,public=20070704,reported=20070824,source=it CVE-2007-4132 reported=20070807,source=redhat,impact=moderate,public=20070829 CVE-2005-2873 public=20050509,impact=low,source=redhat,reported=20060814 CVE-2005-3257 impact=low,public=20051015,reported=20051103,source=internet CVE-2006-0557 public=20060217,source=vendorsec,reported=20060307,impact=low CVE-2006-1863 impact=moderate,source=redhat,reported=20060419,public=20060420 CVE-2007-3379 impact=important,source=redhat,reported=20060125,public=20070501 # mjc 20070912 CVE-2006-0558 reported=20060310,source=vendorsec,impact=important,public=20060201 CVE-2007-2691 impact=low,source=gentoo,reported=20070517,public=20070517 CVE-2007-2692 impact=low,source=gentoo,reported=20070517,public=20070517 CVE-2007-3781 impact=low,source=cve,reported=20070717,public=20070704 CVE-2007-3782 impact=low,source=cve,reported=20070717,public=20070704 CVE-2007-3849 impact=moderate,reported=20070731,public=20070904,source=redhat CVE-2007-3999 public=20070904:1900,reported=20070803,impact=important,source=mit CVE-2007-4000 public=20070904:1900,reported=20070803,impact=important,source=mit CVE-2007-4134 source=gentoo,reported=20070821,public=20070821,impact=moderate CVE-2007-4743 public=20070905,reported=20070906,impact=important,source=mit # mjc 20070914 CVE-2007-0242 impact=moderate,source=vendorsec,reported=20070329,public=20070329 CVE-2007-2875 impact=moderate,source=vendorsec,reported=20070604,public=20070607 CVE-2007-2878 impact=important,source=lkml,reported=20070508,public=20070508 CVE-2007-3739 impact=moderate,source=redhat,reported=20070710,public=20070831 CVE-2007-3740 impact=important,source=lkml,reported=20070802,public=20070608 CVE-2007-3843 impact=low,source=internet,reported=20070802,public=20070608 CVE-2007-3851 impact=important,source=kernelsec,reported=20070807,public=20070807 CVE-2007-4137 reported=20070828,source=vendorsec,public=20070903,impact=important # mjc 20070930 CVE-2006-0576 impact=low,reported=20060207,source=cve,public=20060207 CVE-2006-4519 impact=moderate,source=internet,public=20070709,reported=20070709 CVE-2007-2756 reported=20070521,source=cve,impact=low,public=20070516 CVE-2007-2834 source=openoffice,reported=20070813,public=20070917,impact=important CVE-2007-2872 public=20070601,reported=20070601,source=internet,impact=moderate CVE-2007-2949 impact=moderate,source=vendorsec,public=20070627,reported=20070614 CVE-2007-3106 reported=20070621,source=upstream,impact=important,public=20070726 CVE-2007-3380 impact=important,source=redhat,reported=20070626,public=20070626 CVE-2007-3382 impact=low,source=asf,reported=20070712,public=20070814 CVE-2007-3385 impact=low,source=asf,reported=20070712,public=20070814 CVE-2007-3386 source=asf,impact=low,public=20070814,reported=20070712 CVE-2007-3741 impact=moderate,source=internet,public=20070709,reported=20070709 CVE-2007-3799 source=internet,public=20070601,reported=20070601,impact=low CVE-2007-3996 impact=moderate,public=20070830,reported=20070830,source=internet CVE-2007-3998 impact=low,public=20070830,reported